Iranian hackers gained access to the control system at the Bowman Avenue Dam in 2013. The dam is some 32km from New York City, according to The Wall Street Journal. Yikes.
While there’s no apparent damage related to the hack, it’s alarming for a number of reasons. The scariest bit is that it reportedly took investigators a long time to figure out exactly which dam had been infiltrated.
Analysts discovered the hack while monitoring IP addresses associated with disruptions to websites of US banking institutions. They found computers trawling the internet for vulnerable industrial infrastructure, and a couple of IP addresses were linked to a “Bowman” dam. The trouble? There are 31 dams with the name Bowman in the United States, and they didn’t know which one it was.
The Bowman avenue dam is a tiny 6m concrete structure. It could’ve been way worse: Initially, officials thought the compromised infrastructure was a much larger 71m dam in Oregon.
Here is the location of the dam shown on Google Earth. As you can see, there are excellent nearby dining options.
At this time the hack is classified and unconfirmed.
It’s scary enough that much of our infrastructure is connected to the internet somehow, and that, as the WSJ notes, it’s all pretty much hanging out there insecurely. What really gets me about this is that once analysts figured out that there was a hack, they still couldn’t really figure out where it was.