Federal investigators have concluded that a burned out pump at an Illinois water treatment facility was not caused by foreign hacking, the Department of Homeland Security said Tuesday.
DHS and the FBI were working with the Curran-Gardner Public Water District in Springfield, Illinois, to try to determine why the pump burned out earlier this month.
"DHS and FBI have concluded that there was no malicious traffic from Russia or any foreign entities, as previously reported," DHS spokesman Chris Ortman said in an emailed statement.
"My understanding is that the company had some pretty good logs (of traffic in its system) and our people got access to those logs," said a DHS cybersecurity official who spoke privately because he was not authorized to give interviews on the matter. "There are many reasons for a motor or pump to burn out."
Ortman said that there was no evidence that any credentials had been stolen.
The Illinois Statewide Terrorism and Intelligence Center, in a report that had been leaked to reporters last week, had said that hackers entered the network using credentials stolen from a company that makes software used to control industrial systems.
The Terrorism and Intelligence Center was not immediately available for comment on the Department's finding.
Cybersecurity experts have warned for years that portions of the U.S. critical infrastructure — particularly water and electrical plants — have only rudimentary defenses against hackers, in particular the all-important Supervisory Control and Data Acquisition (SCADA) systems which operate the plants.
U.S. investigators are also looking into claims that a hacker broke into computers that run a Texas water system.
Shauna Dunlap, a special agent with the FBI's Houston Division, said on Tuesday that her agency was investigating the matter with assistance the Department of Homeland Security and the utility run by the city, which has a population of 17,000.
A hacker who goes by the handle "pr0f" had published schematic diagrams that appeared to be of facilities from the South Houston water system on a website known as Pastebin.com sometime on Friday.
Stewart Baker, a cyber expert and DHS veteran, said that one serious and obvious security problem was that water companies tended to leave default user names and passwords in place when they bought software just because it was easier.
"Their nightmare is 'We're locked out by our own security,"' said Baker, now with the law firm Steptoe and Johnson LLP. "Operational demands trump security."
Additional reporting by Jim Finkle in Boston.
