The Washington Post

Federal officials find no proof of cyberattack on water pump in Illinois

Federal officials said Wednesday they have found no evidence to support an initial state report that foreign hackers caused a pump at an Illinois water plant to fail this month.

The preliminary report, collected by a statewide terrorist intelligence center in Illinois, had said that a Russian hacker had taken control of the operating system at the water plant in Springfield. The pump turned on and off repeatedly, burning out the motor, the report said.

Security expert Joe Weiss obtained the report and read it to The Washington Post. If confirmed, the incident would have been the first report of a cyber­attack causing physical damage to a water system in the United States.

But the Department of Homeland Security and the FBI said they could not confirm reports of a cyber­attack. DHS spokesman Chris Ortman called the Illinois state report nothing more than “raw, unconfirmed data.”

He said that the federal investigation also could not confirm the report’s claim that hackers broke into a software company’s database and retrieved user names and passwords, which enabled access to the water plant system.

“In addition,” Ortman said, “DHS and FBI have concluded that there was no malicious traffic from Russia or any foreign entities, as previously reported.”

Officials from the state intelligence center did not return phone calls seeking comment Wednesday.

Weiss said that federal officials were seeking a degree of proof impractical for such a cyberattack. The control system at the Illinois plant probably does not log signals sent to the water pumps and, as a result, would contain no data on who might have gained access to the system, he said. “Control systems don’t have that kind of logging.”

The pump was having problems, Don Craven, a trustee on the Curran-Gardner water board, said in a phone interview. “We noticed some glitches,” Craven said. The district passed the information to the state Environmental Protection Agency, he said.

Craven said the board later saw a report — he did not recall from which agency — that “came to the conclusion that somebody had hacked into the system.”

Robert Green, another water board member, said that the water district manager told him “there were some intrusions.”

“They think some people hacked it, but they weren’t in long enough to do anything,” he said.

Green said that there were some glitches with the pump. “But was it the pump,” he said, “or was it a hacker, or was it something that went wrong in the [control] system, too?”

Ellen Nakashima is a national security reporter for The Washington Post. She focuses on issues relating to intelligence, technology and civil liberties.



Success! Check your inbox for details. You might also like:

Please enter a valid email address

See all newsletters

Show Comments

Sign up for email updates from the "Confronting the Caliphate" series.

You have signed up for the "Confronting the Caliphate" series.

Thank you for signing up
You'll receive e-mail when new stories are published in this series.
Most Read



Success! Check your inbox for details.

See all newsletters

Your Three. Video curated for you.

To keep reading, please enter your email address.

You’ll also receive from The Washington Post:
  • A free 6-week digital subscription
  • Our daily newsletter in your inbox

Please enter a valid email address

I have read and agree to the Terms of Service and Privacy Policy.

Please indicate agreement.

Thank you.

Check your inbox. We’ve sent an email explaining how to set up an account and activate your free digital subscription.