Iranian hackers targeted New York dam, had a quick nosy around
US has highest number of industrial-control systems online, says security bods
Iranian hackers penetrated the online control system of a New York dam in 2013, according to reports, and poked around inside the system.
The Wall Street Journal reported that hackers gained access to the dam through a cellular modem, according to an unclassified Homeland Security summary of the case.
Two sources said the summary refers to the Bowman Avenue Dam, a small facility 20 miles outside of New York. They said the hackers didn’t take control of the dam but probed the system, citing people familiar with the matter.
The Department of Homeland Security has declined to comment on the incident.
US intelligence agencies noticed the intrusion as they monitored computers they believed were linked to Iranian hackers targeting American firms, according to people familiar with the matter.
The analysts detected a machine that was crawling the internet for vulnerable US industrial-control systems. The hackers appeared to be focusing on certain internet addresses, according to the people.
The US has the highest number of industrial-control systems connected to the internet in the world, with 57,000 systems, according to researchers at Shodan.
An attack on a German industrial-controlled system occurred last December, with hackers causing "serious damage" to a German steel mill and wrecking one of its blast furnaces.
The hack of the unnamed mill, detailed in the annual report of the German Federal Office of Information Security, was pulled off after a victim fell for a phishing email. ®