In November, 2011, Threatpost was one of the few publications in the U.S. to delve into the details of the first confirmed cyber attack on industrial control systems in the U.S.: a November attack on the city of South Houston, Texas Water and Sewer Department.
Threatpost was among the first news Web sites to pick up on the story. In a series of stories, reporter and editor Paul Roberts uncovered and reported critical details of the incident. Notably: Threatpost broke the news that the hacker responsible for the attack, who used the online handle “Pr0f,” exploited a default three character password in software from Siemens Inc. to gain control of systems South Houston used to manage the district’s water pumps and other infrastructure.
Roberts was among a small number of journalists who were able to contact and communicate directly with “Pr0f” about his actions and motivations for the attack. Both his November 20, 2011 story “Hacker Says Texas Town Used Three Character Password To Secure Internet Facing SCADA System” and the November 22 “Was the Three Character Password Used to Hack South Houston’s Water Treatment Plant a Siemens Default?” attracted the attention of national media outlets and prompted the U.S. Department of Homeland Security (DHS) to issue a warning in December, 2011 to operators and owners of critical infrastructure in the U.S. to watch out for industrial control systems that may be accessible from the Internet.