Iranian Hackers Attack US Water System

Uploaded on 2023-12-12 in INTELLIGENCE-Hot Spots-Iran, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Production-Utilities

Iran-linked hackers  have exploited Israeli-made programmable logic controllers (PLCs) used in multiple water systems and other operational technology facilities across the US, according to US cyber security agencies. Iran has been linked with repeated attacks on Israeli water infrastructure.

A senior White House national security official has spoken about these recent cyber attacks by Iranian hackers on US water utilities and ransomware attacks on the healthcare industry, saying there should be stronger cyber security. 

Iranian hackers breached a Pennsylvanian water utility and this was just one of the operations cyber attacked in an apparent politically motivated attack. Municipal Water Authority of Aliquippa (MWAA) said it resorted to manual controls after hackers breached pressure monitoring equipment at one of their booster stations over Thanksgiving weekend.

The US Cybersecurity and Infrastructure Security Agency (CISA) has said that the hackers, known as "CyberAv3ngers," have been infiltrating video screens with the message "You have been hacked, down with Israel. Every equipment 'made in Israel' is CyberAv3ngers legal target." Anne Neuberger the Deputy National Security Adviser said  that recent attacks on a number of American organisations by the Iranian hacker group known as Cyber Av3ngers, though to be linked with the Iranian military.

The hackers said they were specifically targeting organisations that used programmable logic controllers made by the Israeli company Unitronics, commonly used by water and water treatment utilities.

The affected device monitors and regulates pressure for Raccoon and Potter townships in Beaver County. The attack did not affect water quality or availability. But the attacks do offer a renewed warning-call utility companies and operators of critical infrastructure are facing persistent and capable cyber attacks from hostile countries and criminals that are not going away.

 “Some pretty basic practices would have made a big difference there... We need to be locking our digital doors. There are significant criminal threats, as well as capable countries, but particularly criminal threats, that are costing our economy a lot.” according to Neuberger

The US government is increasingly  concerned about Iran attempting to aggravate the Israeli-Hamas conflict through the ise of proxy groups like CyberAv3ngers.

Neuberger said that this event emphasised the need to step up cyber security efforts and the most recent attack 
came after a federal appeals court decision in October prompted the Environmental Protection Agency to drop regulations that would have obliged US public water systems to include cyber security testing in their regular audits. 

Neuberger also noted recent criminal ransomware attacks that have devastated health care systems, arguing those attacks spotlight the need for government and industry to take steps to tighten cyber security.

A recent global study by the leading cyber security firm Sophos found that nearly two-thirds of health care organisations were hit by ransomware attacks in the year ending in March, double the rate from two years earlier but  slightly lower than 2022. 

CISA:    The Hill:     AP:     ArabNews:   CPO Magazine:     The Register:    NPR:     Sophos:

Image:  American Public Power Association 

You Might Also Read: 

Iran Fingered For Attack On Israeli Water Infrastructure:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 

Cyber Security Intelligence: Captured Organised & Accessible

 

« Google Launches Its New AI Model - Gemini
EU Agrees Regulations For Artificial Intelligence »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

SmartSearch

SmartSearch

SmartSearch is a leading online provider of Anti-Money Laundering and Fraud Prevention Services.

EC-Council

EC-Council

EC-Council is a member-based organization that certifies individuals in various e-business and information security skills.

Jumpsec

Jumpsec

Jumpsec provides penetration testing, security assessments, social engineering testing, cyber incident response, training and consultancy services.

Backup112

Backup112

Backup112 has been delivering professional cloud backup services since 2004.

Entreda

Entreda

Entreda offers a unified platform to automate cybersecurity and compliance policy enforcement for your devices, users, networks, applications.

MASS

MASS

MASS provides world-class capabilities in electronic warfare operational support, cyber security, information management, support to military operations and law enforcement.

Greenetics Solutions

Greenetics Solutions

Greenetics Solutions is a company focused on providing solutions for information security.

Morphus Information Security

Morphus Information Security

Morphus is an information security company providing Red Team, Blue Team and GRC services as well as conducting research in cybersecurity and threat analysis.

BHC Laboratory

BHC Laboratory

BHC Laboratory is a cyber capabilities’ development company for a wide range of global customers.

Infosec Partners

Infosec Partners

Whether you’re looking for complete managed security or an on-call expert advisor, we offer a range of managed security services to complement your internal team or primary outsource partner.

CloudCover

CloudCover

CloudCover is a software-defined cybersecurity risk solution that provides risk awareness, risk analytics, and data security in real time.

Narf Industries

Narf Industries

Narf Industries are a small group of reverse engineers, vulnerability researchers and tool developers that specialize in tailored solutions for government and large enterprises.

N2K Networks

N2K Networks

N2K Networks is the world’s first “news to knowledge” network. The news to knowledge network is how you stay at the cutting edge in a rapidly changing world.

Cybit

Cybit

Cybit is the one-stop-shop for digital transformation that scales in line with your growth.

Silence Laboratories

Silence Laboratories

Silence Laboratories is a cybersecurity company that focuses on the fusion of cryptography, sensing, and design to support a seamless authentication experience.

ITButler e-Services

ITButler e-Services

At IT Butler, our mission is crystal clear: we are dedicated to providing top-tier cybersecurity solutions and best-practice methodologies to secure and enhance your digital infrastructure’s resilienc