“After detailed analysis, DHS and the FBI have found no evidence of a cyber intrusion into the SCADA system of the Curran-Gardner Public Water District in Springfield, Illinois,” said the researchers from ISC CERT in an email sent to members of the Industrial Control Systems Joint Working Group.
“There is no evidence to support claims made in the initial Fusion Center report – which was based on raw, unconfirmed data and subsequently leaked to the media – that any credentials were stolen, or that the vendor was involved in any malicious activity that led to a pump failure at the water plant,” they claim. “In addition, DHS and FBI have concluded that there was no malicious or unauthorized traffic from Russia or any foreign entities, as previously reported.”
The investigation followed last Friday’s revelation that a Fusion Center report contained claims that hackers were behind the destruction of a water pump in Springfield.
“In a separate incident, a hacker recently claimed to have accessed an industrial control system responsible for water supply at another U.S. utility,” added the investigators. “The hacker posted a series of images allegedly obtained from the system. ICS-CERT is assisting the FBI to gather more information about this incident.”
“How can two government agencies be so at odds at what’s going on here? Did the fusion center screw up, or is the fusion center being thrown under the bus?” commented Joe Weiss, the security expert who discovered the initial Fusion Center report and reported on it. “There’s a lot of black and white stuff in that report. Either there is or there isn’t a Russian IP address in there. It’s hard to miss that.”