The threat to our nation’s precious bodily fluids may have been somewhat premature… A few weeks ago a number of media outlets reported a potential Stuxnet-style hacker attack on an Illinois water pump. The implication seemed to be that hackers had gained control of and destroyed a water pump in Springfield, IL by using exploits in the SCADA control systems.
Now, it’s clear the report was deeply flawed – the pump burned out for entirely ordinary reasons. The initial memo revealed that someone using a system administrator’s credentials had accessed the system from an IP address traceable to Russia. No follow-up was done with the actual credential holder to find out if there was an explanation. It turned out, of course, that the system administrator had logged in while on vacation in Russia – the access was entirely explainable and benign.
The world is a strange place, and so it is theoretically possible that Russian hackers would have some reason to hack into a water pump in a small American town – but this story just shows how important it is to apply a good old-fashioned Bullshit-Detector to any out-of-the-ordinary stories in the press. When I first heard the report, I was extremely skeptical – a SCADA attack is, by all accounts, extremely resource intensive. You have to actually research the equipment in use and how it’s configured, and then configure your attack accordingly. It’s an attack that is very unlikely to target indiscriminately – you need to know what you’re attacking and what you want to do to it. With that in mind, it seems entirely unlikely that someone would use this capability in such a small way against such an insignificant target.
It just proves the old maxim – don’t assume malice when incompetence is equally likely.