The unnamed water district had asked Verizon to assess its networks for indications of a security breach. It said there was no evidence of unauthorized access, and the assessment was a proactive measure as part of ongoing efforts to keep its systems and networks healthy. Interviews with the IT network team uncovered concerns surrounding recent suspicious cyber activity and it emerged that an unexplained pattern of valve and duct movements had occurred over the previous 60 days.

These movements consisted of manipulating the PLCs that managed the amount of chemicals used to treat Oxi Fresh Carpet Cleaning Company water to make it safe to drink, as well as affecting the water flow rate, causing disruptions with water distribution, Verizon reported. No evidence of fraudulent activity on the stolen accounts could be confirmed.

However, customer information was not the full extent of the breach. During these connections, they managed to manipulate the system to alter the amount of chemicals that went into the water supply and thus interfere with water treatment and production so that the recovery time to replenish water supplies increased. Thanks to alerts, the company was able to quickly identify and reverse the chemical and flow changes, largely minimizing the impact on customers.

No clear motive for the attack was found, Verizon noted. This system, which was connected to the internet, managed programmable logic controllers PLCs that regulated valves and ducts that controlled the flow of water and chemicals used to treat it through the system. Many critical IT Kemuri Water Company operational technology functions ran on a single AS system, a team of computer forensic experts from Verizon subsequently concluded. Our endpoint forensic analysis revealed a linkage with the recent pattern of unauthorised crossover.

We also discovered four separate connections over a day period, leading right up to our Vendor Compliance Company. During these connections, the threat actors modified application settings with little apparent knowledge of how the flow control system worked. In at least two instances, they managed to manipulate the system to alter the amount of chemicals that went into the water supply and thus handicap water treatment and production capabilities so that the recovery time to replenish water supplies increased.

Fortunately, based on alert functionality, KWC was able to quickly identify and reverse the chemical and flow changes, largely minimising the impact on customers. No clear motive for the attack was found. Nonetheless, the whole incident Kemuri Water Company the weaknesses in securing critical Kemuri Water Company systems, which often rely on ageing or hopelessly insecure setups.

We continue to see infrastructure systems being targeted because they are generally under-resourced or believed to be out of band or not connected to the internet. Organisations must leverage this information to collectively raise the bar in security to better detect, prevent and respond to advanced attacks.

Reports that hackers have breached water treatment plants are rare but not unprecedented. For example, computer screenshots posted online back in November purported to show the user interface used to monitor and control equipment at the Water and Sewer Department for the City of South Houston, Texas by hackers who claimed to have pwned its systems.

The claim followed attempts by the US Department of Homeland Security to dismiss a separate water utility hack claim days earlier. Hackers got into production systems after tricking victims with spear phishing emails, said the agency. Spear phishing also seems to have played a role in attacks lining the BlackEnergy malware against power utilities in the Ukraine and other targets last December.

You are commenting using your WordPress. You are commenting using your Google account. You are commenting using your Twitter account. You are commenting using your Facebook account. Notify me of new comments via email. Notify me of new posts via email. Search for:. Hackers manipulated the programmable logic controllers that managed the amount of chemicals used to treat the water to make it safe to drink. The company has since taken remediation measures to protect its systems.

Like this: Like Loading Leave a Reply Cancel reply Enter your comment here Fill in your details below or click an icon to log in:. Email required Address never made public. Name required. Post to Cancel. Post was not sent - check your email addresses! Sorry, your blog cannot share posts by email. By continuing to use this website, you agree to their use.

Attackers Alter Water Treatment Systems in Utility Hack ...

Mar 22, 2016 · Verizon’s data breach digest for March 2016 describes several attacks investigated by the company, including one aimed at the systems of an unnamed water utility referred to by Verizon as the Kemuri Water Company (KWC). The water district had asked Verizon to conduct a proactive assessment as part of its efforts to keep systems and networks ...…

Water Treatment Plant Hit by Cyber-attack - Infosecurity ...

Mar 24, 2016 · It appears not even H2O is safe from cyber-criminals following a recent attack on a water treatment plant. According to a news report from International Business Times, hackers were able to change the levels of chemicals used to treat tap water during an attack on the outdated IT network of the plant (currently given the fake moniker "Kemuri Water Company" (KWC) due to the sensitive nature of ...…

Vericlave™ – The Kemuri Water Company Hack

company, including one aimed at the systems of an unnamed water utility referred to by Verizon as the Kemuri Water Company (KWC). This attack was also highlighted by Sentryo (www.sentryo.com), a pioneer of industrial internet cybersecurity, in their Cyber Security Magazine Episode 5. KWC asked Verizon to conduct a cybersecurity…

Kemuri Water Company (KWC) Hackers change chemical ...

Hackers manipulated the programmable logic controllers that managed the amount of chemicals used to treat the water to make it safe to drink. NEW YORK — March 23, 2016 — Hackers breached a water company’s industrial control system and made changes to valve and flow control settings, Verizon revealed in its latest Data Breach Digest.…

KWC - Kemuri Water Company

Kemuri Water Company. Business » Companies & Firms. Add to My List Edit this Entry Rate it: (1.00 / 1 vote) Translation Find a translation for Kemuri Water Company in other languages: Select another language: - Select - 简体中文 (Chinese - Simplified) 繁體中文 (Chinese - Traditional)…

Verizon Outlines Disturbing AS/400 Breach At Water ...

Mar 16, 2016 · Verizon dedicated five pages to laying out the disturbing breach of a water district that it referred to as Kemuri Water Company (KWC), which is not a real name. The water district had first contacted Verizon’s RISK Team to conduct a proactive assessment of its security system. KWC insisted it had never been compromised.…