America’s critical infrastructure security response system is broken

December 1, 2011

The flap over the reported water utility hack in Illinois raises the question: Is the reporting system that the U.S. has set up to identify cyberattacks on critical infrastructure broken and in need of re-thinking?

FBI, DHS say no evidence of a hack in an Illinois water district pump failure

Since the year 2000, the Department of Homeland Security (DHS) has encouraged states and cities to establish so-called “Fusion Centers” to operate under local control and collect information from the likes of power companies and water utilities about incidents that might have national-security implications.

There are now 72 of these Fusion Centers in the U.S., which vary in their practices, according to DHS. When one of them, the Illinois Statewide Terrorism and Intelligence Center (STIC), issued a brief report on Nov. 10 titled “Public Water District Cyber Intrusion,” it led to a firestorm of controversy, putting what has been a secretive reporting system in the harsh glare of the public spotlight, and highlighting the intrinsic weakness in the way the U.S. critical-infrastructure incident reporting system works today.

The Illinois STIC report said there had been a cyberattack from Russia on a SCADA (supervisory control and data acquisition) system used by an unnamed Illinois water-supply company to control its water pumps, leading to the burnout of a pump as it was repeatedly turned on and off. In addition, the STIC report said an unnamed information technical services company looking at the SCADA system believed the hackers had been going after the SCADA system for several months, trying to get user names and passwords.

The STIC report was sent on to the DHS for its review, which DHS says is the usual process. But the DHS’ Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) later said it was only “made aware of” the report on Nov. 16.

The report, shared among those associated with the Illinois STIC, was expected to remain confidential. But the operator of a utility company associated with the Illinois STIC, who was troubled by this report and looking for advice, shared it with a well-known energy-industry consultant, Joe Weiss, head of Applied Control Solutions.

via Networkworld, continued here.