Water Utility Hack Destroys Pump

Event Year: 2011 Reliability: Confirmed
Country: United States
Industry Type: Water/Waste Water

The control system of the city water utility in Springfield, Illinois was hacked.  Hackers gained remote access to the control system causing the system to turn on and off repeatedly leading to the burnout of a water pump.  On November 8, 2011 ,  a water district employee detected the problems in the SCADA system.  The “Public Water District Cyber Intrusion” report was released by the Illinois Statewide Terrorism and Intelligence Center indicated that forensic evidence suggests that hackers may have accessed the system as early as September 2011. 

According the report, The cyber attack was launched from an IP address in Russia and gained access by first hacking into the network of a software vendor that makes the SCADA system used by the utility.  Usernames and passwords were stolen from a control system vendor by the hackers and used them to access the water utilities network. 

Joe Weiss, a managing partner for Applied Control Solutions, said that he obtained the report on the condition that the water utility and its location were not disclosed.  The US Department of Homeland Security released a statement indicating that the utility was located in Springfield, Illinois. Weiss published some details of the hack to bring attention to the incident reporting concerns that the ability of the US government to secure critical infrastructure.

Federal officials say they are investigating to determine if a cyber attack was responsible for the failure of a water pump failure and disputed the statements made by Joe Weiss.

Update:  Federal Officials believe there was no cyber attack on the water utility in Illinois saying the initial report from the Illinois counterterrorism center was wrong.  Homeland Security spokesman Chris Ortman said the Illinois report was inaccurate.  “There is no evidence to support claims made in the initial reports-which were based on raw, unconfirmed data and subsequently leaked to the media,”  Mr. Ortman told the Washington Times.  He also said a special team of federal investigators concluded “that there was no malicious traffic from Russia or any foreign entities” in the logs they examined from the utility.

A Homeland Security official confirmed that the Russian IP address had been discovered in the utility’s computer system records because “a contractor in Russia on personal travel had logged on” from there to do work on it.

The director of the Illinois State Police has launched an inquiry into how the initial report was written and why it was circulated, spokeswoman Monique Bond said.


The SCADA system of a water utility was hacked.  As a result, the system turned on and off repeadedly leading to the burnout of a water pump.