Hints that Simple Password May Link to Water Treatment Plant Breakin

Recent Attacks in Texas and Illinois

Recent incidents hitting U.S. infrastructure, especially water treatment plants, may indicate that the plants are more vulnerable to cyber attacks than previous thought.

Siemens said November 22 it is working with the DHS to investigate a cyber intrusion into a water treatment plant in South Houston, Texas, but could not confirm a default, three-digit password, hard coded into an application used to control the supervisory control and data acquisition SCADA software played a role. The hacker, who goes by the handle pr0f, described using an easy to crack three character password that provided access to Siemens Simatic HMI software. That description matches that of the default password assigned to new user accounts with Sm@rtService and Sm@rtClient, two applications used to remotely access Simatic HMI WinCC installations, according to Siemens documentation reviewed by Threatpost. In a statement November 22, Siemens said it is aware of the breach in South Houston in which control graphics screen shots were taken from the system and posted on the Internet. The company said it did not know of any malicious actions associated with the breach, but that it is in close contact with the U.S. Industrial Control Systems Cyber Emergency Response Team to support ongoing investigations about the incident, Siemens said. A Siemens spokesman could not confirm the hack took advantage of a default password used by the application, or one configured by officials in South Houston. However, he acknowledged that older versions of the WinCC application use three-character default passwords.

In a somewhat related incident, a suspected hacker living in Russia destroyed a pump at a water treatment plant in Springfield, Illinois, in a suspected cyber attack. The incident, which took place on November 8, was revealed by computer security expert Joe Weiss, who referred on his blog to the official record of the attack. Citing the Illinois Statewide Terrorism and Intelligence Center's report, he wrote that the hacker stole user names and passwords from a U.S. company that writes software and used them to access the control system of a public water treatment plant. They then powered the system on and off repeatedly, causing a water pump to burn out.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.

Infrastructure Security Concerns Grow

Hints that Simple Password May Link to Water Treatment Plant Breakin

Recent Attacks in Texas and Illinois

Blog Topics

Security Blog

On the Track of OSAC

Blog Roll

Security Industry Association

Security Magazine's Daily News

SIA FREE Email News

SDM Blog

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.

Infrastructure Security Concerns Grow

Hints that Simple Password May Link to Water Treatment Plant Breakin

Recent Attacks in Texas and Illinois

Share This Story

Blog Topics

Blog Roll

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.