ICS-CERT and the FBI have concluded that initial reports of a Russian-based hacker destroying a water pump at an Illinois drinking water system are not true.
According to their joint release: “DHS and the FBI have found no evidence of a cyber intrusion” or “malicious traffic from Russia or any foreign entities, as previously reported.”
As happy/relieved as I am to know that the Russians aren’t out to disrupt our water services, it is important to note that a water system in South Houston was the victim of a real cyber attack. (You’ll recall it occurred in direct response to DHS downplaying of the reported situation in Illinois).
The would-be attack, and the actual one, are stark reminders that the threat of cyber attacks are real. Also real is the vulnerability of our nation’s water systems to this specific method of intrusion.
Given the press coverage and overall attention drawn to what I refer to as the sector’s “soft underbelly,” it is my sincere hope that the sector, its security partners and Congress can work together to address the issue in a voluntary and responsible manner.
After all, there’s no need to wait until a major attack occurs before we start shoring up our cyber systems.