Iranian Hackers Attack US Water System
Iran-linked hackers have exploited Israeli-made programmable logic controllers (PLCs) used in multiple water systems and other operational technology facilities across the US, according to US cyber security agencies. Iran has been linked with repeated attacks on Israeli water infrastructure.
A senior White House national security official has spoken about these recent cyber attacks by Iranian hackers on US water utilities and ransomware attacks on the healthcare industry, saying there should be stronger cyber security.
Iranian hackers breached a Pennsylvanian water utility and this was just one of the operations cyber attacked in an apparent politically motivated attack. Municipal Water Authority of Aliquippa (MWAA) said it resorted to manual controls after hackers breached pressure monitoring equipment at one of their booster stations over Thanksgiving weekend.
The US Cybersecurity and Infrastructure Security Agency (CISA) has said that the hackers, known as "CyberAv3ngers," have been infiltrating video screens with the message "You have been hacked, down with Israel. Every equipment 'made in Israel' is CyberAv3ngers legal target." Anne Neuberger the Deputy National Security Adviser said that recent attacks on a number of American organisations by the Iranian hacker group known as Cyber Av3ngers, though to be linked with the Iranian military.
The hackers said they were specifically targeting organisations that used programmable logic controllers made by the Israeli company Unitronics, commonly used by water and water treatment utilities.
The affected device monitors and regulates pressure for Raccoon and Potter townships in Beaver County. The attack did not affect water quality or availability. But the attacks do offer a renewed warning-call utility companies and operators of critical infrastructure are facing persistent and capable cyber attacks from hostile countries and criminals that are not going away.
“Some pretty basic practices would have made a big difference there... We need to be locking our digital doors. There are significant criminal threats, as well as capable countries, but particularly criminal threats, that are costing our economy a lot.” according to Neuberger
The US government is increasingly concerned about Iran attempting to aggravate the Israeli-Hamas conflict through the ise of proxy groups like CyberAv3ngers.
Neuberger said that this event emphasised the need to step up cyber security efforts and the most recent attack
came after a federal appeals court decision in October prompted the Environmental Protection Agency to drop regulations that would have obliged US public water systems to include cyber security testing in their regular audits.
Neuberger also noted recent criminal ransomware attacks that have devastated health care systems, arguing those attacks spotlight the need for government and industry to take steps to tighten cyber security.
A recent global study by the leading cyber security firm Sophos found that nearly two-thirds of health care organisations were hit by ransomware attacks in the year ending in March, double the rate from two years earlier but slightly lower than 2022.
CISA: The Hill: AP: ArabNews: CPO Magazine: The Register: NPR: Sophos:
Image: American Public Power Association
You Might Also Read:
Iran Fingered For Attack On Israeli Water Infrastructure:
___________________________________________________________________________________________
If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.
- Individual £5 per month or £50 per year. Sign Up
- Multi-User, Corporate & Library Accounts Available on Request
- Inquiries: Contact Cyber Security Intelligence
Cyber Security Intelligence: Captured Organised & Accessible