A foreign hacker who penetrated security at a Harrisburg, Pa., water filtering plant is under investigation by the FBI for planting malicious software capable of affecting the plant's water treatment operations, ABC News has learned.
The hacker tried to covertly use the computer system as its own distribution system for e-mails or pirated software, officials told ABC.
"The concern was high because it is a computer that controls an important infrastructure system, and if, for some reason, it caused it to fail, it would have disrupted service," said Special Agent Jerri Williams of the FBI's Philadelphia field office.
THE BLOTTER RECOMMENDS
The Columbus Day weekend intrusion is the fourth recorded cyber-attack on a U.S. water supply in the past four years, according to the records of WaterISAC, an industry information sharing and analysis center with members from among more than 1,000 drinking water and wastewater systems in the United States.
The hacker operating on the Internet tapped into an employee's laptop and then used an employee's remote access as the point of entry and installed a virus and spyware in the water plant computer system. Following the intrusion, the plant changed all passwords to the system and eliminated home access to the system.
"This is very common...computer hackers try to gain control of systems to use them as a resource to distribute e-mails, pirated software. It does not appear that this particular computer was hacked into for any other reason," said Special Agent Williams.
In one of three past attacks cited by WaterISAC, hackers used a Korea-based telecom to launch a denial of service attack on one water supply. In a second, they penetrated a top-level data control and acquisition system on a California irrigation district wastewater treatment plant. And in a third, they announced their entry into the computer system with a message, "I enter in your server like you in Iraq."
"We are seeing an increase in reporting," said WaterISAC Executive Director Diane Van De Hei. Prior to Sept. 11, 2001, most of the incidents were managed locally, she said.
WaterISAC was established in December 2002. The private sector group uses "push" e-mail technology to distribute information from the Department of Homeland Security, EPA and other government agencies to more than 10,000 clients in the water utility sector.
According to a 2006 Computer Crime and Security Survey by the San Francisco-based Computer Security Institute, 52 percent of 616 survey respondents reported unauthorized use of their computer systems in the past 12 months.