There seems to be no Russian hacker involved, contrary to what was first believed

Nov 23, 2011 07:54 GMT
The DHS claims the Illinois water utility incident was not the result of a hacking operation

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) released the final results of their investigation into the water pump failure that occurred at an Illinois water utility. The results show that there was no cybercriminal activity involved and that the incident was in fact just a pump failure.

DHS's Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) released an update on the situation not long ago to show that there was no hacking involved, reports Digital Dao.

“After detailed analysis, DHS and the FBI have found no evidence of a cyber intrusion into the SCADA system of the Curran-Gardner Public Water District in Springfield, Illinois,” reads the report.

It turns out that no Russian hacker was involved in the incident, contrary to what was previously believed.

“There is no evidence to support claims made in the initial Fusion Center report - which was based on raw, unconfirmed data and subsequently leaked to the media - that any credentials were stolen, or that the vendor was involved in any malicious activity that led to a pump failure at the water plant,” the report added.

“In addition, DHS and FBI have concluded that there was no malicious traffic from Russia or any foreign entities, as previously reported.”

All this might be true, especially since the first reports mentioned that the pump in question had already been presenting issues 2-3 months prior to the complete failure.

There still remains the matter of the other incident, which was actually proven by a hacker who calls himself pr0f. He allegedly managed to break into the systems of the South Houston water utility and, to make sure everyone would believe him, took some screenshots of the human-machine interface used by the company to monitor and control the machinery.

At this point it's still too early to tell what exactly happened. However, one thing is certain: SCADA systems in the US may very well contain flaws that could be taken advantage of at any time by some cybercriminal mastermind.