Media
Dec 1, 2011
Protecting Water Treatment Facilities from Cyber Attacks
Protecting Water Treatment Facilities from Cyber Attacks: Are You Prepared?
Recently the media has reported that on November 8, a water treatment plant near Springfield, Illinois was the victim of a cyber attack in which a water pump was repeatedly turned on and off until it failed. The attackers were reportedly Russian hackers who obtained access to the water treatment plant’s SCADA (Supervisory Control and Data Acquisition) system. SCADA systems, which help to control critical infrastructure, are specialized computers that operate the city’s water treatment facilities. “DHS and the FBI have concluded that there was no malicious or unauthorized traffic from Russia or any foreign entities, as previously reported.” While this incident was a false alarm, it is imperative the public works professionals are proactive in protecting water treatment facilities and other critical infrastructure systems that could become a victim of cyber terrorism.
Cyber Terrorism is the newest—and perhaps one of the most destructive—forms of terrorism in the 21st Century. When cyber systems are breached it can cripple national, economic, and government functions. As guardians of critical infrastructure, public works agencies value the security of their cyber systems, as they help run traffic management systems, water treatment facilities, emergency services/communications, and other operations and services. In order for communities to be capable of managing emergency situations, it is imperative that public works’ cyber systems that control critical infrastructure are resilient to both terrorist threats and attacks, or natural disasters. The following resources are provided for agencies to assess the security of networks:
For more information on the false alarm, go to: http://www.gsnmagazine.com/article/25092/il_water_system_pump_failure_not_cyber_attack
To access the document, 21 Steps to Improve Cyber Security of SCADA Networks, distributed by the President’s Critical Infrastructure Protection Board and the Department of Energy, go to:
http://www.oe.netl.doe.gov/docs/prepare/21stepsbooklet.pdf
For additional information on how to secure your facility, or report a cyber threat or attack, please visit the Department of Homeland Security’s Cyber Security webpage:
http://www.dhs.gov/files/cybersecurity.shtm.
For information on the Cyber Security Evaluation Tool, a downloadable desktop software tool that guides industrial control system owners and operators through a step-by-step process for assessing the cyber security of their networks, go to:
http://www.us-cert.gov/control_systems/satool.html
For the DHS Computer Emergency Readiness Team Cyber Security Tips which describe and offer advice about common security issues for non-technical computer users, go to:
http://www.us-cert.gov/cas/tips/
For additional information on DHS Critical Infrastructure Protection, go to:
http://www.dhs.gov/files/programs/critical.shtm.
For additional information on the Canadian Cyber Incident Response Centre, go to: http://www.publicsafety.gc.ca/prg/em/ccirc/index-eng.aspx.
Recently the media has reported that on November 8, a water treatment plant near Springfield, Illinois was the victim of a cyber attack in which a water pump was repeatedly turned on and off until it failed. The attackers were reportedly Russian hackers who obtained access to the water treatment plant’s SCADA (Supervisory Control and Data Acquisition) system. SCADA systems, which help to control critical infrastructure, are specialized computers that operate the city’s water treatment facilities. “DHS and the FBI have concluded that there was no malicious or unauthorized traffic from Russia or any foreign entities, as previously reported.” While this incident was a false alarm, it is imperative the public works professionals are proactive in protecting water treatment facilities and other critical infrastructure systems that could become a victim of cyber terrorism.
Cyber Terrorism is the newest—and perhaps one of the most destructive—forms of terrorism in the 21st Century. When cyber systems are breached it can cripple national, economic, and government functions. As guardians of critical infrastructure, public works agencies value the security of their cyber systems, as they help run traffic management systems, water treatment facilities, emergency services/communications, and other operations and services. In order for communities to be capable of managing emergency situations, it is imperative that public works’ cyber systems that control critical infrastructure are resilient to both terrorist threats and attacks, or natural disasters. The following resources are provided for agencies to assess the security of networks:
For more information on the false alarm, go to: http://www.gsnmagazine.com/article/25092/il_water_system_pump_failure_not_cyber_attack
To access the document, 21 Steps to Improve Cyber Security of SCADA Networks, distributed by the President’s Critical Infrastructure Protection Board and the Department of Energy, go to:
http://www.oe.netl.doe.gov/docs/prepare/21stepsbooklet.pdf
For additional information on how to secure your facility, or report a cyber threat or attack, please visit the Department of Homeland Security’s Cyber Security webpage:
http://www.dhs.gov/files/cybersecurity.shtm.
For information on the Cyber Security Evaluation Tool, a downloadable desktop software tool that guides industrial control system owners and operators through a step-by-step process for assessing the cyber security of their networks, go to:
http://www.us-cert.gov/control_systems/satool.html
For the DHS Computer Emergency Readiness Team Cyber Security Tips which describe and offer advice about common security issues for non-technical computer users, go to:
http://www.us-cert.gov/cas/tips/
For additional information on DHS Critical Infrastructure Protection, go to:
http://www.dhs.gov/files/programs/critical.shtm.
For additional information on the Canadian Cyber Incident Response Centre, go to: http://www.publicsafety.gc.ca/prg/em/ccirc/index-eng.aspx.
