Illinois Utility ‘Hack’ Really Just Contractor Doing His Job…While Vacationing in Russia
Posted on December 1, 2011 at 2:06pm by Liz Klimas
It was recently reported that an Illinois water utility experienced what it thought was a hack on its Supervisory Control and Data Acquisition system that resulted in a pump burning out. This hack, the initial report released by the Illinois Statewide Terrorism and Intelligence Center said, was traced to Russian IP addresses. The Department of Homeland Security soon thereafter came out saying the initial reports were “based on raw and unconfirmed data” and the utility was not in fact hacked.
So what really happened? A new account from Wired reports that a single phone call to one of the contractors hired by the utility to set up the SCADA system would have prevented what was being called the American version of a Stuxnet attack:
“I could have straightened it up with just one phone call, and this would all have been defused,” said Jim Mimlitz, founder and owner of Navionics Research, who helped set up the utility’s control system. “They assumed Mimlitz would never ever have been in Russia. They shouldn’t have assumed that.”
Mimlitz’s small integrator company helped set up the Supervisory Control and Data Acquisition system (SCADA) used by the Curran Gardner Public Water District outside of Springfield, Illinois, and provided occasional support to the district. His company specializes in SCADA systems, which are used to control and monitor infrastructure and manufacturing equipment.
Mimlitz says last June, he and his family were on vacation in Russia when someone from Curran Gardner called his cell phone seeking advice on a matter and asked Mimlitz to remotely examine some data-history charts stored on the SCADA computer.

Jim Mimlitz, a contractor hired by the Illinois utility, logged into the system while vacationing in Russia. (Photo: Jim Mimlitz via Wired)
Apparently, Mimlitz never mentioned to the utility that he was in Russia or that he remotely logged in again using his mobile phone during a layover. According to Wired, Mimlitz’s username appears next to the IP addresses in the report. Mimlitz told Wired that he was not manipulating anything remotely that would have turned systems on or off:
Even though Mimlitz’s username was connected to the Russian IP address in the SCADA log, no one from the fusion center bothered to call him to ask if he had logged in to the system from Russia. Instead, the [Illinois Statewide Terrorism and Intelligence Center] released a report on Nov. 10 titled “Public Water District Cyber Intrusion” that connected the broken water pump to the Russian log-in five months earlier, inexplicably stating that the intruder from Russia had turned the SCADA system on and off, causing the pump to burn out.
“And at that point … all hell broke loose,” Craven said.
And now the finger-pointing begins. Wired reports that the state police department, which is responsible for the center that wrote the report, said the information used to compile the reports released by the center comes from local DHS and FBI representatives. DHS fired back, saying that if it had approved the report, it would have had approval signatures on it from six offices, which it did not. Wired reports a DHS representative as saying the report did not undergo such a review because it was a fusion center product.
And what of the pump failure? According to Mimlitz, the logs show the pump failed due to an “electrical-mechanical reason” and was unrelated to the SCADA system. He also points out to Wired that nothing in the log references the system being turned on and off.
Joe Weiss of Applied Control Solutions, who provided information to the public about the supposed attack on a blog, said this incident makes the information coming out of the center seem untrustworthy.
[H/T SlashGear]





















General Chaud Caliente
Posted on January 31, 2012 at 4:24pm
Well DUH! It’s Illinois.
Dante himself couldn’t have come up with three better layers of hell than Illinois, Cook County and Chicago.

certified ethical hacker
Posted on December 6, 2011 at 3:42pm
so was this a pen test? lmao

idarusskie
Posted on December 2, 2011 at 9:11am
it’s obvious that his wife is Russian so ya he would take a vacation in Russia. Russia is actually nice in summer.

Lesbian Packing Hollow Points
Posted on December 2, 2011 at 7:33am
“… said this incident makes the information coming out of the center seem untrustworthy.”
Ya think? It’s coming out of a government bureaucracy. OF COURSE IT’S UNTRUSTWORTHY!
This is a classic example of monkeys trying to use tools that are too advanced for them. The system told them they were accessed from Russia and their little monkey brains couldn’t handle that and they flew into a panic… Prolly feces on the walls of the water treatment plant control room that still needs to be cleaned off.

Molaki
Posted on December 2, 2011 at 7:19am
Hey Shamrock….if they called his cell phone, it is a “local number” which is then routed via the network to wherever he is located. So no, they did not need to dial a “7”. I lived in Singapore and my friends in PA only had to call my local cell phone number to reach me. DUH!!!

loriann12
Posted on December 2, 2011 at 7:36am
Then you’re unusual. I can’t call my BIL with his cell phone number when he visits the Netherlands. It’s an international call and it says out of range.

Shamrock241
Posted on December 1, 2011 at 8:41pm
I call B.S. in the article it says they did not know he (the contractor) was in Russia, but they called him. You have to dial +7 when calling Russia so for him to have ever contacted this worker if would have to have dial the correct numbers.

Ruler4You
Posted on December 1, 2011 at 8:59pm
I agree. Like every red blooded American ‘vacations’ in Russia. Sorry. I’m not hungry for that B.S.

taberphoto.com
Posted on December 1, 2011 at 9:13pm
not necessarily. his phone could have been forwarded to a skype account and he could have communicated via voice that way from anywhere in the world where he had a data connection on his smartphone.

JUSTANOTHEROPINION
Posted on December 1, 2011 at 9:24pm
Due to the importance of this gentleman’s job, anyone with a thought process would assume he has a satellite phone which does not necessitate an international phone code. You SHAM(rock). Jeez, you people and your conspiracy theories.

feckingmorons
Posted on December 1, 2011 at 9:42pm
If you take your mobile phone to Russia it keeps the same phone number. If it is 212-555-1234 to call you when you are at home, when you roam with that phone the same number rings it anywhere in the world.
I get calls all the time from relatives at home when I am traveling, and yes even in Russia.

DirtyDeeds
Posted on December 2, 2011 at 1:23am
He’s got to be an American spy, probably a bad one and he is probably running a test on infrastructure. My guess is that the test wasn’t completed correctly, that’s my conspiracy theory. The other dude was right, who vacations in Russia? I hear that at Disney Land Russia, the mouse will send you to Siberia if you do not have fun in the motherland.

Molaki
Posted on December 2, 2011 at 7:22am
Hey Shamrock….if they called his cell phone, it was a local call that was just routed on the network to his location. I lived in Singapore and my friends back in PA only had to call my local cell phone number to reach me over there. So, no “7” required and no conspiracy here.
DUH!!!!

Caerus
Posted on December 1, 2011 at 8:13pm
I love the picture. As an older sister, I remember those family pictures where I would push my younger siblings away when they tried to get close (ewww, he’s touching me! mom!!!). Too funny.

FEMALL
Posted on December 1, 2011 at 8:00pm
Homer, Marge, Bart, Lisa and Maggie at Stalin World. hahahahahahahahaha
O<Smarter than Meghan McCain

ZengaPA65
Posted on December 1, 2011 at 7:54pm
It wasn’t really hackers!?!?!? OMG! Tell us something we didn’t know.

dd41
Posted on December 1, 2011 at 6:49pm
C’mon, it’s Illinois. What else has come from Illinois that’s got everything screwed up?

jColes
Posted on December 1, 2011 at 6:21pm
The goons & buffoons at these FEMA & state terrorism reaction centers WANT some kind of attack against us to justify their worthless and expensive existence.
With “Big Sis” in the lead, these Gibbons (primitive arboreal apes) manage to squander billions of dollars per year while accomplishing very, very little that can legitimately be called ‘defense’ of the homeland.
So, yeah, creeps — point your fingers at each other…that’s about all you’re good for.

Alan
Posted on December 1, 2011 at 6:13pm
Three cheers for bumbling leap-to-the-wrong-conclusion bureaucracy! Hip, hip: hurrah! Hip, hip: hurrah! Hip, hip: hurrah!

TJexcite
Posted on December 1, 2011 at 6:03pm
Occam’s Razor. The simpler explanations are.. better than more complex ones.
But when multiple levels of government agencies are involved, complex answers are given when simple answers are likely the case.

mcFirst
Posted on December 1, 2011 at 5:56pm
few companies have the means to decode real attacks

martinez012577
Posted on December 1, 2011 at 5:35pm
Got to love red tape and morons grouped together.