The Industrial Control Systems Cyber Emergency Response Team released a report outlining the steps taken in assessing the situation. The group said “analysis of what caused the pump to fail is ongoing. ICS-CERT will continue to coordinate with the FBI, Water ISAC, MS-ISAC and other organizations as appropriate.”
Ongoing or not, the report makes it clear that the original claim was based on unconfirmed data and that no information was compromised.
“In addition, DHS and FBI have concluded that there was no malicious traffic from Russia or any foreign entities, as previously reported,” said DHS spokesman Chris Ortman, according to Computerworld.
Joe Weiss, a cybersecurity expert who illustrated the incident in his blog, seemed wholly unconvinced by the fusion center’s report, saying that a cyberattack was not entirely out of the question, according to a FierceHomelandSecurity report.
In disclosing the supposed cyberattack, Computerworld says Weiss brought attention to issues regarding the vulnerability of U.S. infrastructure.
That which is left vulnerable includes older equipment without security features used in both the “water and energy industries,” according to a statement made by Patrick Miller, president of the Energy Sector Security Consortium, to Computerworld.