This Smells to High Holy Heaven': Feds Say Hack of Illinois Water Utility Not True

Federal authorities say reports that emerged last week of a utility system hack that allegedly caused a water pump failure in Illinois' capital city aren't true. The controls system expert who first reported to the attack though has expressed frustration over denial of "black and white" facts in the report.

Department of Homeland Security spokesman Chris Ortman says initial reports over the weekend about the failure in Springfield were based on raw and unconfirmed data.

He said in a statement that detailed analysis by DHS and the FBI found no evidence of a cyber intrusion or any malicious activity. Homeland security officials have said in the past that they investigate every piece of intelligence that comes into the agency.

At the time when reports of a potential hack emerged last week, we reported that an employee noticed problems in the city’s Supervisory Control and Data Acquisition System (SCADA), which kept turning on and off and resulted in a pump burnout. It was reported that customer usernames and passwords were stolen, allowing the hacker to gain access to the utility's network.

With this recent denial of cause for the burnout by government agencies, Wired is reporting that Joseph Weiss, the system controls expert who first reported the attack, is skeptical of the feds claim that this attack was misinterpreted:

“This smells to high holy heaven, because when you look at the Illinois report, nowhere was the word preliminary ever used,” Weiss said, noting that the fusion center — which is composed of Illinois state police, as well as representatives from the FBI and DHS — distributed the report to other critical infrastructure facilities in that state. “It was just laying out facts. How do the facts all of a sudden all fall apart?”

[...]

“There’s a lot of black and white stuff in that report,” he said. “Either there is or there isn’t a Russian IP address in there. It’s hard to miss that. This stuff about the vendor being hacked…. How can two government agencies be so at odds at what’s going on here? Did the fusion center screw up, or is the fusion center being thrown under the bus?”

Last week, the facility went unnamed at first but later identified as the Curran-Gardner Townships Public Water District's facility, according to CNET. At this later time plant officials said they weren't sure what the official cause was. The district has multiple pumps and there never was a break in service to about 2,200 rural customers.

The Associated Press contributed to this report.