WASHINGTON — A water pump failure in Illinois that appeared to be the first foreign cyber attack on a public utility in the United States was in fact caused by a plant contractor traveling in Russia, the Washington Post reported Saturday, citing an unnamed person familiar with a federal investigation of the incident.
Investigators analyzed log files and connections to foreign Internet protocol addresses within the computer system of the Curran-Gardner Townships Public Water District in Springfield, the Post reported. The contractor, who had remote access to the computer system, was in Russia on personal business.
The suspicion of foreign hacking was raised in a report by the Illinois Statewide Terrorism and Intelligence Center that was obtained by a control systems industry expert. The expert, Joe Weiss, alerted the news media to the suspected intrusion.
But officials at the Department of Homeland Security, which was alerted to the Illinois report on Nov. 16, cautioned from the outset that the report contained "no credible, corroborated data."
DHS and FBI officials who took part in an inquiry concluded there was no malicious or unauthorized traffic from Russia, as stated in the preliminary Illinois report.
Plant and federal officials are still investigating the cause of the pump's failure.