November 19, 2011
The Washington Post is reporting that recent damage to an Illinois water treatment plant was a cyber attack by foreign hackers, “Foreign hackers caused a pump at an Illinois water plant to fail last week, according to a preliminary state report.”
The narrative of the attack is that a Russian-based hacker created minor “glitches” in the Supervisory Control and Data Acquisition System (SCADA) which, according to Krebs on Security, is “designed to monitor and control complex industrial networks.” Apparently, it caused the system to turn on and off, resulting in the burnout of a water pump.
Despite the alarmist title of the article, DHS spokesman Peter Boogaard cautioned “At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety.”
Although the “original source of the information was unknown and impossible to immediately verify,” the claim is allegedly made in a “Public Water District Cyber Intrusion” report. Industry expert and Department of Homeland Security adviser, Joe Weiss, as if on a publicity tour, called both the Washington Post and Wired with alarmist rhetoric.
Weiss conclusively told the Washington Post, “This is a big deal. It was tracked to Russia. It has been in the system for at least two to three months. It has caused damage. We don’t know how many other utilities are currently compromised.”
Yet, the DHS maintains that there is no credible data or threat, and Don Craven, a water district trustee, told the State Journal-Register that they don’t know what caused it and that “the water district is up and running and things are fine.”
Still, Weiss told Wired,“There very easily could be other utilities as we speak who have their networks compromised,” he said. “This is unconscionable.”
If this highly speculative report is true, it would not only be the first time hackers successfully infiltrated and physically damaged a public utility in the United States, it would also be the first time they did so through the Internet.
As was determined with the now infamous Stuxnet attack on Iran’s nuclear enrichment facilities, a virus was planted on a USB stick that was plugged it into a computer at a secure facility — not through the Internet.
Expert insiders agree that Stuxnet was so sophisticated that it could have only come from U.S. and/or Israeli engineers, Since neither government has denied these allegations, it represents the only substantial hack attack with a credible culprit.
To date, most alleged cyber attacks have been vague stories of shadowy hackers originating from IP addresses in Romania or China. Despite having no verified accounts of successful external attacks on public utilities, the fear propaganda of cyber threats persist.
Any credible investigator would look for motive in such attacks. It’s interesting that no one would seem to benefit from attacking a random small water treatment facility except, of course, the cyber defense industry itself — of which Joe Weiss, the oft-referred to expert source for this recent unconfirmed attack, is a beneficiary of.
In all honesty, what sober “hacker” would waste their time and sophistication to target a minor public utility? And what type of cyber terrorist would waste their talent on such a fruitless endeavor? The idea that this is a “big deal . . . tracked to Russia,” as Weiss stated, implies some sort of nation-state sponsorship, making such a low-level attack even more implausible.
What we do know, however, is that the U.S. is hellbent on controlling the Internet. Therefore, they appear to have the motive to create and inflate perceived threats in order to offer the solution of reduced Internet freedom and privacy.
Indeed, one of the proposed “solutions” is to require a digital ID for all web users just to access the Internet. And if that is unsuccessful, they’ve devised other draconian solutions like making it a felony to lie on the Internet.
So this over-hyped, completely unsubstantiated cyber attack appears to be nothing more than another attempt of fear mongering by government-funded “experts” in order to pursue their desired agenda to castrate Internet freedom.