Did Foreign Hackers Target US Water Plant? Or Someone Closer to Home?

Despite misleading and poorly sourced reports, it now appears that a successful and damaging cyberattack on a Springfield, Ill., water utility may have used a variant of the Stutznet worm. Reports have raised the question of whether the U.S. government, along with Israel, was involved in developing it.

"Companies and government agencies that rely on the Internet have for years been routine targets of hackers, but most incidents have resulted from attempts to steal information or interrupt the functioning of Web sites. The incident in Springfield, Ill., would mark a departure because it apparently caused physical destruction.

Federal officials confirmed that the FBI and the Department of Homeland Security were investigating damage to the water plant but cautioned against concluding that it was necessarily a cyber-attack before all the facts could be learned. 'At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety,'said DHS spokesman Peter Boogaard.

News of the incident became public after Joe Weiss, an industry security expert, obtained a report dated Nov. 10 and collected by an Illinois state intelligence center that monitors security threats. The original source of the information was unknown and impossible to immediately verify."

Ellen Nakashima reports for the Washington Post's Checkpoint Washington blog November 18, 2011.


"Stuxnet Strike on U.S. Utility Signals Disturbing Trend" (NewsFactor)

"Hacker Says He Breached Texas Water Plant Network" (MSNBC)

"Israeli Test on Worm Called Crucial in Iran Nuclear Delay" (New York Times)

"New Malicious Program by Creators of Stuxnet Is Suspected" (New York Times)

Source: Wash Post, 11/22/2011