Hacker Claims He Breached Texas Water Plant

Author: Brian Prince
minute read

A hacker claims to have breached a water utility in Texas and has posted reputed screenshots online to prove it.The water plant targeted by the hacker, who uses the alias “Pr0f”, is in the Harris County city of South Houston. In a post on Pastebin, Pr0f said his actions were in response to what he felt were attempts by the U.S. Department of Homeland Security (DHS) to downplay the threat of cyber-attacks on critical infrastructure in the wake of reports of an attack on a water plant in Illinois.

A hacker claims to have breached a water utility in Texas and has posted reputed screenshots online to prove it.

The water plant targeted by the hacker, who uses the alias “Pr0f”, is in the Harris County city of South Houston. In a post on Pastebin, Pr0f said his actions were in response to what he felt were attempts by the U.S. Department of Homeland Security (DHS) to downplay the threat of cyber-attacks on critical infrastructure in the wake of reports of an attack on a water plant in Illinois.

“Basically, people have no idea what’s going on in terms of industrial control, groups like ICS-CERT (Industrial Control Systems Cyber Emergency Response Team) are too slow/don’t have enough power to react to situations,” he told CNET in an e-mail. “There’s a lot of rubbish information out there that’s being treated seriously, etc. Lot of crap. So I’m putting information out there to show people what kind of systems are vulnerable to basic attacks.”

South Houston Mayor Joe Soto told the Houston Chronicle that no actual damage had been done to the sewer system.

“I don’t really like mindless vandalism,” Pr0f wrote on Pastebin. “It’s stupid and silly. On the other hand, so is connecting interfaces to your SCADA (supervisory control and data acquisition) machinery to the Internet.”

The post by Pr0f follows reports that a cyber-attack may have damaged a water pump in Illinois. According to SCADA security expert Joe Weiss, the incident was detailed in a report from the Illinois Statewide Terrorism and Intelligence Center entitled “Public Water District Cyber Intrusion.” In response to news reports, DHS stated it was investigating the matter and that there was no “credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety.”

“I dislike, immensely, how the DHS tend to downplay how absolutely (expletive) the state of national infrastructure is,” Pr0f wrote on Pastebin.

In the aftermath of initial reports about the situation in Illinois it has been revealed that the focus of the investigation is the Curran-Gardner Townships Public Water District, which serves about 2,200 customers west of Springfield, Ill. Don Craven, a water district trustee, told the State Journal Register that the system is secure and customers were not affected by the water pump’s burnout.

Suggested articles

Cybersecurity for your growing business
Cybersecurity for your growing business

Topics

Show all

Authors

Threatpost

InfoSec Insider

Infosec Insider Post

Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

Sponsored Content

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.