Anybody have any more information? Answers to questions like, what software was it?, is it real?, etc.
A piece of the article I read mentioned Siemens…
I saw that. Didn’t mention the vendor, district, etc.
Looks real. The guy’s pastebin rant mentioned Simatic by name… another summary can be read on Joel Langill’s blog…
Similar to the Springfield attack, this one had HMI-level access which from what we see on the screenshots, could have caused more damage than just burning out a pump. The Springfield attack followed a breach of the integrator’s database containing site remote access url’s, usernames, and passwords, so the attacker just “walked in the front door” so to speak using their credentials.
The Houston attack looks like more of a direct assault.
Eric Byres put out his perspective of it on his blog.
When is a hack not a hack?
A water-pump failure in Illinois that appeared to be the first foreign cyberattack on a public utility in the United States was in fact caused by a plant contractor traveling in Russia, according to a source familiar with a federal investigation of the incident.
I laughed when I read that article. Gotta love an old fashioned over reaction. At our supervisor meeting after the “hack” was first published, four people brought me newspaper clippings of the article and were spelling doom and gloom.