Last week word began filtering out about a suspected cyber attack on a water treatment system in Illinois. After a preliminary investigation into a pump failure, the issue quickly became a cyber incident.
Further analysis suggests that the actual breach and malicious activities began a couple of months ago. Workers at the water treatment facility determined the system had been hacked and the IP address used to carry out the cyber sabotage was tracked back to a computer in Russia.
What is deeply concerning about this incident is that physical damage (a burned-out pump) resulted. A second cyber incident in Texas followed the Illinois incident. An online post about the incident includes computer screen captures of the industrial control system for the treatment system.
Intel for the Illinois state fusion center said it is not known how many other systems might be affected. It is important to note that these events have multiple security experts wanting to say "I told you so," and they certainly have the right, after in some cases these warnings fell on deaf ears for years.
Our critical infrastructure has become a prime target and as such requires additional cyber defense and monitoring. This and other events highlight the danger that cyber attackers can break into Supervisory Control and Data Acquisition (SCADA) systems that are widely used to control industrial processes.
This serves to confirm that the U.S. critical infrastructure remains at great risk from cyber attacks.
Why is it that the U.S. seems to wait until after an event, like these or worse, before it takes proper action?