Hackers with ‘Syria Ties’ Infiltrate Water Utility’s Control System
March 31, 2016
Shah Sheikh (1294 articles)

Hackers with ‘Syria Ties’ Infiltrate Water Utility’s Control System

According to The Register, a UK-based news site about tech security and related issues, “hackers infiltrated a water utility’s control system and changed the levels of chemicals being used to treat tap water.”

The hackers had “ties to Syria,” and the attack, although the location of the utility has not been revealed and its name has been changed in reports, seems most likely to have taken place in the United States.

This is yet another indication of how determined jihad terrorists are to murder Americans in large numbers.

Revelation of this attack comes from the March 2016 security breach reportpublished by Verizon Security Solutions, which referred to the water plant that was attacked with the alias “Kemuri Water Company (KWC).” It explained how the hackers had been able to burrow deeply and repeatedly inside the workings of the company. They were only stopped from doing massive damage by their ignorance of how water plants actually operated:

Our endpoint forensic analysis revealed a linkage with the recent pattern of unauthorised crossover. Using the same credentials found on the payment app webserver, the threat actors were able to interface with the water district’s valve and flow control application, also running on the AS400 system. We also discovered four separate connections over a 60-day period, leading right up to our assessment.During these connections, the threat actors modified application settings with little apparent knowledge of how the flow control system worked. In at least two instances, they managed to manipulate the system to alter the amount of chemicals that went into the water supply and thus handicap water treatment and production capabilities so that the recovery time to replenish water supplies increased.

Fortunately, based on alert functionality, KWC was able to quickly identify and reverse the chemical and flow changes, largely minimising the impact on customers. No clear motive for the attack was found.

A likely motive can be easily surmised, however, as The Register report also noted:

“[T]he same hack also resulted in the exposure of personal information of the utility’s 2.5 million customers. There’s no evidence that this has been monetised or used to commit fraud.”

That, along with the manipulation of the chemicals, essentially rules out the possibility that the hackers’ motivation was simple identity theft. These hackers with ties to Syria (possibly implying the Islamic State, which has repeatedly stated its desire to murder American civilians) were likely trying to figure out a way to poison the water supply and kill people in large numbers.

It has long been known that jihadis have considered poisoning the water supply in a major American city:

Given Verizon’s involvement in the incident at the “Kemuri Water Company,” the “KWC” is most likely a water company inside the United States. All the other incidents discussed in the report linked in The Register’s article took place in America.

In light of the jihadi determination to kill as many Americans as possible, it is virtually certain that they will try again. The security of water treatment plants and other facilities that if hacked and compromised could result in mass death is a serious national security issue. Of course, this means that for the Obama administration it is something to be ignored, or addressed only in the context of “Muslim outreach.”