- The Washington Times - Monday, November 28, 2011

Federal officials believe there was no cyberattack on a small water utility in Illinois this month, saying the initial report from the state’s counterterrorism center was wrong.

The FBI and Homeland Security Department conducted a “detailed analysis” and found no evidence of a “cyber intrusion” into the control system of the Curran-Gardner Public Water District in the capital of Springfield, said Homeland Security Department spokesman Chris Ortman.

A Nov. 10 report of a Russian cyberattack against the utility produced by the Illinois Statewide Terrorism Intelligence Center was widely reported in the news media before Thanksgiving. The report stated that hackers with a Russian Internet address had burned out a water pump by repeatedly turning it on and off.

Mr. Ortman said the Illinois report was inaccurate, and state officials told The Washington Times on Monday that they were looking into why the center distributed the report that said the utility’s computerized control system that runs its pipes, pumps and reservoirs had been hacked.

“There is no evidence to support claims made in initial reports - which were based on raw, unconfirmed data and subsequently leaked to the media,” Mr. Ortman told The Times.

He said a special team of federal investigators concluded “that there was no malicious traffic from Russia or any foreign entities” in the logs they examined from the utility.

A Homeland Security official confirmed reports over the holiday weekend that the Russian Internet address had been discovered in the utility’s computer system records because “a contractor in Russia on personal travel had logged on” from there to do work on it.

Officials provided an unusual level of detail about the results of the investigation, apparently in an effort to show how the initial report came to such inaccurate conclusions - sparking fears that the nation’s water systems might be under attack.

The director of the Illinois State Police has launched an inquiry into how the initial report was written and why it was circulated, spokeswoman Monique Bond said.

“We are looking internally at how the information [for the report] was gathered and disseminated,” she said. “It certainly seems it was never corroborated.”

Security analysts say the incident shows the difficulties of defending against cyberattacks. Military officials have said it can be hard to distinguish among computer-spying, cybersabotage and all out cyberwar.

LOAD COMMENTS ()

 

Click to Read More

Click to Hide