SPRINGFIELD, ILL. — According to the American Water Works Association (AWWA), an investigation by the FBI and the U.S. Department of Homeland Security (DHS) has found no evidence of a cyber intrusion into the supervisory control and data acquisition (SCADA) system of an Illinois water utility. They had been called in to investigate a pump failure at the Curran-Gardner Public Water District in Springfield, Ill.
Late Nov. 22, the DHS Industrial Control Systems Cyber Emergency Response Team stated: “There is no evidence to support claims made in the initial Fusion Center report — which was based on raw, unconfirmed data and subsequently leaked to the media — that any credentials were stolen or that the vendor was involved in any malicious activity that led to a pump failure at the water plant. In addition, DHS and FBI have concluded that there was no malicious traffic from Russia or any foreign entities, as previously reported.”
The FBI-DHS investigation made news around the world the weekend of Nov. 17 after a blogger revealed the contents of a confidential report on the event prepared by the Illinois Statewide Terrorism & Intelligence Center. In addition, a hacker posted screen shots of a south Texas utility’s SCADA system in an apparent response to comments made by DHS officials that the Illinois incident was isolated. No harm was caused as the hacker simply wanted to demonstrate that similar systems can be accessed.
AWWA advised utilities to be prepared for questions about the safety of their local water systems and identified security resources for them, particularly the Cyber Security Evaluation Tool, a DHS product that assists organizations in protecting their key national cyber assets.
AWWA has worked closely with DHS and the Water Sector Coordinating Council on the security of process control systems. This has included sponsoring training on DHS resources and preparing the Roadmap to Secure Control Systems in the Water Sector, which was produced by the WSCC Cyber Security Working Group. It identifies many the challenges facing the water sector in this area.
In addition, AWWA has two standards that address security practices: AWWA G430-09, Security Practices for Operation and Management and ANSI/ASME-ITI/AWWA J100-10, RAMCAP Risk and Resilience Management of Water and Wastewater Systems.