Iranian Hackers Attack US Water Supplies

Uploaded on 2024-04-15 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Iran, FREE TO VIEW, BUSINESS-Production-Utilities, TECHNOLOGY--Hackers

A White House national security official has said recent cyber attacks by Iranian hackers on US water authorities should be seen as a call to action by utilities and industry to tighten cyber security.

Now, the US government is warning state governors that Iranian hackers are carrying out disruptive cyber attacks against water and sewage systems throughout the country, as a result if rising tensions in the Middle East.

The US national security adviser Jake Sullivan, has warned state governors and asked them to be  alert for potential cyber attacks on States critical infrastructure systems. The warning letter which was released last month was co-authored by Michael Regan, the head of the US Environmental Protection Agency. 

This warning comes after Islamic Revolutionary Guard Corps (IRGC), were attributed responsibility for cyber attacks against critical US infrastructure, including drinking water systems. The IRGC affiliated hackers were able to target and disable a common type of operational technology used at water facilities where the facility had neglected to change a default manufacturer password.

Sullivan and Regan refer to ongoing threats from hackers linked to the governments of Iran and China and warned hackers associated with both states have previously attacked water systems. Their intention is to warn to organisations operating critical utilities and that in many cases their facilities lack the personnel and technical resources to address the threat or implement robust cyber security mechanisms.  

The US has imposed sanctions on six officials in IRGC, which it says are responsible for the cyber-attacks on American water plants in 2023. Hackers related to the Iranian regime attacked Israeli-made digital controls in the water industries in the US last November, affecting several states without affecting water supply.

Water facilities in the US have long been an easy target for cyber attacks due to the critical underfunding, low staffing levels, and a general lack of cyber security. 

The US Government has previously said that the burden of responsibility for cyber security should be shifted onto private enterprises, that are best positioned to reduce the risks for small businesses and public institutions.

Telegraph     |     BBC     |     Oodaloop     |     CBS News     |     Iran International   | Reuters     |     Tech Radar    |

 Bloomberg    |      Image: Dan Meyers

 

You Might Also Read:

Attack On Israel’s Water Systems:

DIRECTORY OF SUPPLIERS - Critical Infrastructure Security:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« British Businesses Must Do More To Protect Themselves
Controlling The Use Of Cyber Weapons »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

StoneFly

StoneFly

StoneFly offers High Availability, high performance cluster and scale out storage, and backup and disaster recovery appliances.

VdS

VdS

VdS is an independent safety and security testing institution. Cybersecurity services include standards, audit/assessment and certification for SMEs.

SecureNinja

SecureNinja

SecureNinja provides professional training, certifications & professional services related to all facets of Information Technology and Cyber Security.

Somansa

Somansa

Somansa is a global leader in Data Security and Compliance solutions designed to protect valuable company information from leakage and help meet regulatory compliance requirements.

Corvus Insurance

Corvus Insurance

Corvus' mission is to create a safer, more productive world through technology-enabled commercial insurance.

Cyan Securiy Group

Cyan Securiy Group

Cyan provide best-in-class cyber security solutions for mobile Internet and mobile devices that are extremely effective and highly intuitive in their use.

AXELOS

AXELOS

AXELOS develops best practice frameworks and methodologies used globally by professionals working primarily in IT management and cyber resilience.

Calyptix Security

Calyptix Security

Calyptix Security helps small and medium offices secure their networks so they can raise profits, protect investments, and control technology.

National Cyber Coordination & Command Centre (NC4) - Malaysia

National Cyber Coordination & Command Centre (NC4) - Malaysia

NC4 is established as a center for dealing with cyber threats and crisis at the national level in Malaysia.

Amidas Hong Kong

Amidas Hong Kong

Amidas is your trusted companion on the road to Digital Transformation. We provide a full range of Information Technology Solutions and Professional Services to Enterprise customers.

MindWise

MindWise

MindWise is a comprehensive global threat monitoring solution with implementations for fraud prevention and enterprise threat intelligence.

Prelude

Prelude

Prelude offer the first autonomous platform built to attack, defend and train critical assets through continuous red-teaming.

Olympix

Olympix

Dev-first Web3 security that starts at the source. Olympix is a pioneering DevSecOps tool that puts security in the hands of the developer by proactively securing code from day one.

CMIT Solutions

CMIT Solutions

CMIT Solutions is a recognized leader in Managed IT Services for businesses. We empower businesses like yours by providing innovative technology solutions, managed IT services and cybersecurity.

Star Lab

Star Lab

Star Lab specializes in the development and productization of embedded security technologies.

SecureKloud Technologies

SecureKloud Technologies

SecureKloud is a global leader in the Cloud services arena. Our experience in cloud consulting and servicing for highly regulated industries extends more than a decade.