We’re going to start, more or less, at the beginning: Joe Weiss, posting on the Unfettered Blog on November 17th:
Water System Hack – The System Is Broken
Last week, a disclosure was made about a public water district SCADA system hack. There are a number of very important issues in this disclosure: The disclosure was made by a state organization, but has not been disclosed by the Water ISAC, the DHS Daily unclassified report, the ICS-CERT, etc. Consequently, none of the water utilities I have spoken to were aware of it. It is believed the SCADA software vendor was hacked and customer usernames and passwords stolen. The IP address of the attacker was traced back to Russia. It is unknown if other water system SCADA users have been attacked. Like Maroochy, minor glitches were observed in remote access to the SCADA system for 2-3 months before it was identified as a cyber attack. There was damage – the SCADA system was powered on and off, burning out a water pump. There are a number of actions that should be taken because of this incident. Provide better coordination and disclosure by the government. Provide better information sharing with industry. Provide control system cybersecurity training and policies. Implement control system forensics.
xxxx