Advertisement

Russian hacking group claims responsibility for cyberattack on Indiana wastewater plant

A video from the "People's Cyber Army of Russia" claims responsibility for last week's cyberattack on the Tipton West Wastewater Treatment Plant in Indiana.
water lid
(Getty Images)

A video by a Russian hacking group claiming responsibility for last week’s cyberattack on Tipton West Wastewater Treatment Plant in Indiana surfaced on social media Thursday. It’s evidence of the latest cyberattack by nation state cybercriminals targeting water facilities in small towns across the United States.

The “People’s Cyber Army of Russia” took credit last Saturday for the incident on the messaging app Telegram. A message accompanying the video read: “We continue to look partially cover our series of work on US infrastructure. Today, we’ll look at Indiana. Let’s consider the work on municipal water treatment plants. Enjoy watching, friends.”

The group has also claimed responsibility for a January cyberattack on a water facility in Texas, which caused a tank to overflow.

Other Russian hacking groups, such as Sandworm, the cyberwarfare unit of Russia’s military intelligence service, have also been conducting cyberattacks on water treatment facilities across the U.S. in recent months.

Advertisement

The cyberattack in Tipton, which provides wastewater treatment for roughly 5,000 people in a town 40 miles north of Indianapolis, began disrupting operations on Friday evening. Plant managers sent employees to correct the activity, which interrupted operations again on Sunday morning, according to Jim Ankrum, general manager of Tipton Municipal Utilities.

“At that time, we were notified that we had been hit with a cybersecurity attack,” Ankrum told StateScoop on Thursday.

He described the disruptions to the plant’s operations as minor and said the town’s drinking water was never in jeopardy.

“We maintained plant operational capability throughout [the incident] and were able to continue to accept wastewater flows and free even with the disruptions,” said Ankrum.

Last month, the Biden Administration issued a warning to state governments and industry leaders that local water systems and other critical infrastructure are especially vulnerable to cyberattacks.

Advertisement

Ankrum said the water utility uses third-party vendors to support its cybersecurity measures and does not have its own internal IT staff.

“We all do receive intermittent training,” Ankrum said. “It’s mostly things that come across our emails, you know, don’t click on this and all the things you’ve probably been trained on.”

He said the agency will review its security measures and improve cybersecurity after the investigation, which he said is being led by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.

“We will review our processes and see where we can make improvements for sure,” he said. “When you’re under attack, you find out where your vulnerabilities are.”

Sophia Fox-Sowell

Written by Sophia Fox-Sowell

Sophia Fox-Sowell reports on artificial intelligence, cybersecurity and government regulation for StateScoop. She was previously a multimedia producer for CNET, where her coverage focused on private sector innovation in food production, climate change and space through podcasts and video content. She earned her bachelor’s in anthropology at Wagner College and master’s in media innovation from Northeastern University.

Latest Podcasts