Unhappy with recent reports of how officials tried to downplay the threat of cyber attacks on critical infrastructure, a twenty-something hacker broke into a water utility in Texas and posted screenshots to prove it. This comes in the wake of reports of hackers who gained access into a SCADA system to destroy a pump at an Illinois water utility.

Using the handle of "pr0f," the hacker told security vendor Kaspersky that the system that was compromised used a three character password. He apparently discovered the vulnerable system using a scanner that looks for SCADA systems that were connected to the Internet.

In an email exchange with the Threatpost blog operated by Kaspersky, the hacker downplayed the technical challenge his hack entailed: "I'm sorry this ain't a tale of advanced persistent threats and stuff, but frankly most compromises I've seen have been have been a result of gross stupidity, not incredible technical skill on the part of the attacker. Sorry to disappoint."

The hacker said he wanted to expose the threat that the national infrastructure faces. For now, what is known is that he isn't a security professional and doesn't work in the SCADA sector. He claims that his technical knowledge is limited to reading "a few books" about ICS and embedded systems.

For more:
- check out this article at Threatpost
- check out this article at CNET News

Related Articles:
Hackers break into SCADA system, destroy pump at Illinois water utility
SCADA hack talk canceled on request by DHS, Siemens
Auriemma discovers more zero-day SCADA vulnerabilities
Security researcher accuses Siemens of downplaying SCADA bugs