Iranian hackers targeted NY area dam

Iranian hackers were able to infiltrate the computer system controlling a dam in New York State, underscoring the dangers presented by cyber terrorism. 

Iranian hackers launched a cyber attack on the Bowman Avenue Dam near Rye Brook in upstate New York in 2013, several news sites reported last week.

According to a former official familiar with the 2013 investigation into the attack, the hack was a test by Iranian hackers to see what they could access.

In the incident, which remains mostly classified, the attackers took control of the flood gates but were unable to fully penetrate the system.

The dam is used to control water flow when it rains, to prevent flooding downstream.

An Iranian group, US SOBH Cyber Jihad, took responsibility for the attack and sent a message through another Iran-linked hacker outfit, Parastoo, promising that it would release the technical information that proves it was behind the 2013 breach, according to Flashpoint Intelligence.

The hackers claimed they kept quiet about the attack for two years because of a “state-level” warning not to go public with it “for the greater good.”

US Financial institutions were also targeted by Iranian hackers at the time.

Nita Lowey

Rep. Nita Lowey. (Wikipedia)

The Department of Homeland Security would not comment on the dam intrusion, but did note in a statement that its cybersecurity center serves as a hub for monitoring and mitigating attacks, CNN reported. DHS also maintains the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) to respond to such attacks.

“The Department of Homeland Security continues to coordinate national efforts to strengthen the security and resilience of critical infrastructure, working with our federal and industry partners across the country to raise awareness about evolving threats and promote measures to reduce risks to systems we all rely on,” the department said.

“Iran is the leading state sponsor of terrorism around the globe, so this sort of behavior is par for the course. An Iranian cyber-attack on a small dam in Rye is reason enough for concern, but when we look at other potential targets … it’s clear that we must do more to assess and address potential vulnerabilities to a cyberattack,” Congressman Eliot Engel said in a statement.

“I will continue working to ensure Iran — the number one state-sponsor of terrorism — is held accountable for its actions, and that my constituents in Westchester and Rockland, as well as all Americans, can live in safe and secure communities,” said Congresswoman Nita Lowey.

According to ICS-CERT, in 2014 the team responded to 245 cyber incidents reported by critical infrastructure operators, 32% of which were in the energy sector and 27% of which were in critical manufacturing.