Sorry Vladimir, our bad: Water pump ‘hack’ just equipment failure

02 December 2011

The contractor who helped install the industrial control system for the Curran-Gardner Public Water District in Springfield, Illinois, said the water pump allegedly hacked by the Russians in fact just burned out.

Jim Mimlitz, founder and owner of Navionics Research, told Threat Level that he had logged into the water utility’s supervisory control and data acquisition (SCADA) system, which his firm helped set up, to do some troubleshooting while he was on vacation in Russia. He remotely accessed the SCADA system using his cellphone, which routed the call through a Russian IP address.

Five months later, when a water pump failed at the facility, a computer contractor called in to examine the system reported the Russian IP address in the SCADA logs to the Environmental Protection Agency (EPA), according to the Threat Level report. From the EPA, the report made its way to the Illinois Statewide Terrorism and Intelligence Center.

The Russian IP address had Mimlitz’s user name next to it in the SCADA log, but no one from the center bothered to call him. “I could have straightened it out with just one phone call, and this would all have been defused,” Mimlitz told Threat Level.

Instead, on Nov. 10 the center released a report that connected the broken water pump to the log-in to the SCADA system from a Russian IP address. The author of the report surmised that Russian hackers had gained access to Mimlitz’s cellphone and stolen his credentials.

Following the media storm created by the report, the FBI and the Department of Homeland Security sent investigators to the water plant. After examining the logs and speaking with Mimlitz, they realized that the state center was wrong.

Following the investigation, the DHS Industrial Control Systems-Cyber Emergency Response Team (ICS-CERT) issued a bulletin on Nov. 23, which concluded: “After detailed analysis of all available data, ICS-CERT and the FBI found no evidence of a cyber intrusion into the SCADA system of the Curran-Gardner Public Water District in Springfield, Illinois.”

So much for the first shot in a US-Russia cyberwar.
