There is no evidence of a cyber intrusion into the SCADA system of the water utility in Springfield, Illinois, said the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) in an email yesterday. ICS-CERT and the Federal Bureau of Investigation (FBI) had been investigating the reported incident of a cyber attack on the SCADA systems of the U.S. water utility resulted in a pump failure. It noted that there was no evidence to support claims made in the initial DHS Fusion Center reports. ICS-CERT received a copy of the reports on Nov 16th and inquired to the DHS field office to obtain additional information. The claims of a cyber attack have now also been dismissed by the FBI and DHS. Read more »

A security researcher working for NSS Labs, an electronics security firm, reportedly identified security flaws in Siemens industrial control management systems that compromise the critical infrastructure systems to hackers. Siemens SCADA systems were the center of last year's Stuxnet attacks where the computer worm reportedly affected Iran's nuclear facilities. Industry news source Dark Reading reported that the researcher and Siemens had been collaborating along with the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) to come up with fixes for the flaws identified but NSS Labs found out that the fixes Siemens came up with still did not fully protect the affected systems. The researcher Dillon Beresford noted that he was able to bypass the fix within 45 minutes, and notified both Siemens and ICS-CERT of this issue. Read more »