An investigation is under way into reports that hackers managed to remotely shut down a water system in Illinois. At the dawn of the age of cyber terrorism against nations, the question now is what other facilities in the US could hackers attack?
It is understood that in the attack the hackers used stolen credentials belonging to a company that made industrial control systems and accessed the water system of the city of Springfield.
The Stuxnet virus attacks, which focused on a uranium facility, highlighted security weaknesses in the SCADA systems used to control energy facilities and manufacturing facilities.
How the attack happened
According to IT security expert Dermot Williams of ThreatsCape, the equipment at the water facility was damaged after the remote hacker managed to access the control system and instruct it to turn on and off repeatedly, causing the pump to fail.
“SCADA (supervisory control and data acquisition) technology is used when computer systems need to communicate with or control equipment used in tasks such as process automation or industrial processes – everything from traffic lights to water pumps, manufacturing lines, laboratory equipment, power plants, oil and gas pipelines, even nuclear enrichment centrifuges as were targeted by the Stuxnet worm.
“It appears that someone managed to gain access to the computer systems of a firm which supplied SCADA software to the affected water district – and during that intrusion they obtained passwords which allowed them in turn to gain access to the customer’s SCADA system.
“Once they had access to the control system … they were in control. It is not clear yet whether they only stole information which gave them access to one customer – or if they managed to steal some sort of ‘master password’ which (contrary to good security practice) had been set up to allow staff at the SCADA software provider with easier access to multiple customer systems,” Williams added.