U.S. probe confirms foreign cyberattack on New York dam control system

Dam Safety & Security
U.S. Sen. Charles Schumer, right, speaks at a campaign event in Lawrence, N.Y., on March 11. Schumer says an alleged Iranian cyberattack on a damn in the suburbs north of New York City is a "shot across the bow" of the United States. He is calling for tougher sanctions against Iran in response. At Schumer's right is Todd Kaminsky, a Democratic candidate for the New York state Senate. (AP Photo/Frank Eltman)

A U.S. official, on March 10, said a Justice Department probe has found Iran was responsible for a 2013 cyberattack on the control system at the 20-foot-tall Bowman Avenue Dam in Rye Brooke, N.Y., 20 miles from New York City.

The attackers were later identified in a classified Department of Homeland Security report as being the same Iranian group alleged to have been responsible for attacks on PNC Financial Services Group, SunTrust, and Capital One Financial.

The official was not authorized to speak publicly about the ongoing criminal investigation and spoke to The Associated Press on condition of anonymity.

First reported by the Wall Street Journal in 2015, the intrusion was made possible by a broadband cellular modem used to connect the small facility to the Internet. The targeted network scan for industrial control systems exposed to the Internet prompted a federal investigation.

The official said investigators have determined Iran was responsible for the incident and that an indictment would be handed down in the case from the U.S. attorney's office in Manhattan. It was not clear whether the indictment would name specific people within the Iranian government.

Although Bowman Avenue Dam does not generate power, cyber criminals gained access to the scheme through a cellular modem and used the breach to probe the dam’s computer system.

Government intelligence agencies noticed the breach while conducting a broader investigation of computers believed to be linked to Iranian hackers.

Earlier in 2015, DHS revealed the extent of the problem by saying that its Industrial Control Systems Cyber Emergency Response Team responded to 245 “incidents” during the fiscal year ending in February. DHS said those incidents targeted manufacturing, energy, nuclear, transportation and water facilities.

According to the 2015 DHS Dams Sector-Specific Plan, an annex of the National Infrastructure Protection Plan, persistent risks in the Dams Sector include natural disasters, structural issues from internal and external erosion, and deliberate attacks on physical or cyber infrastructure.

The report also says, in part, “The cyber risk landscape may change as some owners and operators upgrade to modern control systems with standardized hardware or transition to remote monitoring and control processes.”

The Federal Energy Regulatory Commission recently raised concerns about another area that is not covered by federal cybersecurity rules: contractors who sell energy companies software and equipment. Attackers have used outside companies to pull off hacks against energy companies.
 

Did You Like this Article? Get All the Energy Industry News Delivered to Your Inbox

Subscribe to an email newsletter today at no cost and receive the latest news and information.

 Subscribe Now

Whitepapers

The Time is Right for Optimum Reliability: Capital-Intensive Industries and Asset Performance Management

Imagine a plant that is no longer at risk of a random shutdown. Imagine not worrying about losing...

Going Digital: The New Normal in Oil & Gas

In this whitepaper you will learn how Keystone Engineering, ONGC, and Saipem are using software t...

Maximizing Operational Excellence

In a recent survey conducted by PennEnergy Research, 70% of surveyed energy industry professional...

Leveraging the Power of Information in the Energy Industry

Information Governance is about more than compliance. It’s about using your information to drive ...

Latest PennEnergy Jobs

PennEnergy Oil & Gas Jobs