Infrastructure protection

Iranian hackers attacked New York dam

Published 22 December 2015

In 2013, Iranian government hackers infiltrated the control system of Bowman Avenue Dam in Rye, New York, located twenty-five miles from New York City. Using a cellular modem, the hackers could have released larger volumes of upstream water without warning. As dams go, the Rye dam is small at about 20 feet tall. There was some confusion initially, as DHS and DOE thought a similarly named dam in Oregon, the Arthur R. Bowman Dam, was the one hacked. The Oregon dam, at 245 feet, is much bigger, and hacking its control systems could have had much more serious consequences.


In 2013, Iranian government hackers infiltrated the control system of Bowman Avenue Dam in Rye, New York, located twenty-five miles from New York City. The breach persuaded the Obama administration to bolster U.S. cyber defenses significantly, and to appeal to private corporations to cooperate with the government in trying to guard against cyberattacks.

The United States has been worried about data theft for a while, but the attacks on the dam offered a vivid demonstration of the vulnerability of many parts of the U.S. infrastructure.

CNN reports that on twelve occasions in the last decade hackers managed to gain top-level access to key power networks, which would have allowed them to trigger massive blackouts in cities, and deny power to military facilities. A couple of months ago DHS revealed that ISIS had been trying to hack U.S. power companies.

As dams go, the Rye dam is small at about 20 feet tall, controlling the flow of Blind Brook as it heads toward Long Island Sound. By getting into the dam’s control system, the hackers, using a cellular modem, could have released larger volumes of upstream water without warning.

The Wall Street Journal reports that there was some confusion initially, as DHS and DOE thought a similarly named dam in Oregon, the Arthur R. Bowman Dam, was the one hacked. The Oregon dam, at 245 feet, is much bigger, and hacking its control systems could have had much more serious consequences.

The Iranian attack on the New York dam was in retaliation for the Stuxnet attack on Iran’s uranium enrichment centrifuges. The Iranian government hackers also tried to hack major U.S. financial institutions.

“We are not where we need to be,” on protecting U.S. infrastructure networks against cyberattacks, Alejandro Mayorkas, deputy secretary of DHS, told the AP. He noted that the U.S. electricity grid may be particularly vulnerable because much of it still relies on ageing computers installed and programmed before cyberattacks were a concern. 

Cyberattacks on infrastructure are often conducted for the purpose of collecting information, including detailed drawings, for potential use later.

“If the geopolitical situation changes and Iran wants to target these facilities, if they have this kind of information it will make it a lot easier,” Robert M. Lee, a former U.S. Air Force cyberwarfare operations officer, told AP. “It will also help them stay quiet and stealthy.”

DHS also maintains the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) to respond to such attacks. According to ICS-CERT, in 2014 the team responded to 245 cyber incidents reported by critical infrastructure operators, 32 percent of which were in the energy sector and 27 percent of which were in critical manufacturing.