This article is from the source 'bbc' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at http://www.bbc.co.uk/go/rss/int/news/-/news/technology-15817335
The article has changed 4 times. There is an RSS feed of changes available.
| Version 0 | Version 1 |
|---|---|
| Hackers 'hit' US water treatment systems | Hackers 'hit' US water treatment systems |
| (about 2 hours later) | |
| Hackers are alleged to have destroyed a pump used to pipe water to thousands of homes in a US city in Illinois. | Hackers are alleged to have destroyed a pump used to pipe water to thousands of homes in a US city in Illinois. |
| Hackers with access to the utility's network are thought to have broken the pump by turning it on and off quickly. | Hackers with access to the utility's network are thought to have broken the pump by turning it on and off quickly. |
| The FBI and Department for Homeland Security (DHS) are investigating the incident as details emerge of what could be a separate second attack. | The FBI and Department for Homeland Security (DHS) are investigating the incident as details emerge of what could be a separate second attack. |
| Experts said the news revealed a growing interest in critical infrastructure by cyber criminals. | Experts said the news revealed a growing interest in critical infrastructure by cyber criminals. |
| Information about the 8 November incident came to light via the blog of Joe Weiss who advises utilities on how to protect hardware against attack. | Information about the 8 November incident came to light via the blog of Joe Weiss who advises utilities on how to protect hardware against attack. |
| Mr Weiss quoted from a short report by the Illinois Statewide Terrorism and Intelligence Center which said hackers obtained access using stolen login names and passwords. These were taken from a company which writes control software for industrial systems. | Mr Weiss quoted from a short report by the Illinois Statewide Terrorism and Intelligence Center which said hackers obtained access using stolen login names and passwords. These were taken from a company which writes control software for industrial systems. |
| The net address through which the attack was carried out was traced to Russia, according to Mr Weiss. The report said "glitches" in the remote access system for the pump had been noticed for months before the burn out, said Mr Weiss. | The net address through which the attack was carried out was traced to Russia, according to Mr Weiss. The report said "glitches" in the remote access system for the pump had been noticed for months before the burn out, said Mr Weiss. |
| Peter Boogaard, A spokesman for the DHS, said it was gathering facts about the incident. | Peter Boogaard, A spokesman for the DHS, said it was gathering facts about the incident. |
| "At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety," he said. | "At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety," he said. |
| Industrial action | Industrial action |
| The comments by the DHS prompted a hacker using the handle "pr0f" to claim he had access to the control systems for a second US water utility. | The comments by the DHS prompted a hacker using the handle "pr0f" to claim he had access to the control systems for a second US water utility. |
| He posted a document to the Pastebin website which purportedly contained links to screenshots of the internal control systems for a waste water treatment plant in South Houston. | He posted a document to the Pastebin website which purportedly contained links to screenshots of the internal control systems for a waste water treatment plant in South Houston. |
| The hacker's claims about their ability to penetrate the control systems have yet to be confirmed or denied by South Houston's Water and Sewer Department. | The hacker's claims about their ability to penetrate the control systems have yet to be confirmed or denied by South Houston's Water and Sewer Department. |
| In an interview with the Threat Post website, Pr0f said the hack of the South Houston network barely deserved the name because only a three-character password had been used to protect the system. | In an interview with the Threat Post website, Pr0f said the hack of the South Houston network barely deserved the name because only a three-character password had been used to protect the system. |
| The attacks are the latest in a series in which different hackers and groups have targeted so called Supervisory Control And Data Acquisition (SCADA) systems. These specialised computer systems are used to control machinery used to filter water, mix chemicals, distribute power and route trains and trams. | |
| One of the best known SCADA attacks involved the Stuxnet worm which caused problems for Iran. | One of the best known SCADA attacks involved the Stuxnet worm which caused problems for Iran. |
| There were reports that the malware crippled centrifuges used in the nation's uranium enrichment program. Iran denied the claims saying that it had caught the worm before it reached its intended target. | There were reports that the malware crippled centrifuges used in the nation's uranium enrichment program. Iran denied the claims saying that it had caught the worm before it reached its intended target. |
| Earlier this year, security researchers who investigated ways to attack SCADA systems were persuaded to cancel a public talk about their findings because of the "serious physical, financial impact these issues could have on a worldwide basis". | Earlier this year, security researchers who investigated ways to attack SCADA systems were persuaded to cancel a public talk about their findings because of the "serious physical, financial impact these issues could have on a worldwide basis". |
| Lani Kass, a former advisor to the US Joint Chiefs of Staff on security issues, said America had to start doing more work to understand attacks on critical infrastructure. | Lani Kass, a former advisor to the US Joint Chiefs of Staff on security issues, said America had to start doing more work to understand attacks on critical infrastructure. |
| "The going in hypothesis is always that it's just an incident or coincidence," she said. "And if every incident is seen in isolation, it's hard - if not impossible - to discern a pattern or connect the dots." | "The going in hypothesis is always that it's just an incident or coincidence," she said. "And if every incident is seen in isolation, it's hard - if not impossible - to discern a pattern or connect the dots." |
| "Failure to connect the dots led us to be surprised on 9/11," she said. | "Failure to connect the dots led us to be surprised on 9/11," she said. |