Iranian Hackers Attack US Water Supplies

Uploaded on 2024-04-15 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Iran, FREE TO VIEW, BUSINESS-Production-Utilities, TECHNOLOGY--Hackers

A White House national security official has said recent cyber attacks by Iranian hackers on US water authorities should be seen as a call to action by utilities and industry to tighten cyber security.

Now, the US government is warning state governors that Iranian hackers are carrying out disruptive cyber attacks against water and sewage systems throughout the country, as a result if rising tensions in the Middle East.

The US national security adviser Jake Sullivan, has warned state governors and asked them to be  alert for potential cyber attacks on States critical infrastructure systems. The warning letter which was released last month was co-authored by Michael Regan, the head of the US Environmental Protection Agency. 

This warning comes after Islamic Revolutionary Guard Corps (IRGC), were attributed responsibility for cyber attacks against critical US infrastructure, including drinking water systems. The IRGC affiliated hackers were able to target and disable a common type of operational technology used at water facilities where the facility had neglected to change a default manufacturer password.

Sullivan and Regan refer to ongoing threats from hackers linked to the governments of Iran and China and warned hackers associated with both states have previously attacked water systems. Their intention is to warn to organisations operating critical utilities and that in many cases their facilities lack the personnel and technical resources to address the threat or implement robust cyber security mechanisms.  

The US has imposed sanctions on six officials in IRGC, which it says are responsible for the cyber-attacks on American water plants in 2023. Hackers related to the Iranian regime attacked Israeli-made digital controls in the water industries in the US last November, affecting several states without affecting water supply.

Water facilities in the US have long been an easy target for cyber attacks due to the critical underfunding, low staffing levels, and a general lack of cyber security. 

The US Government has previously said that the burden of responsibility for cyber security should be shifted onto private enterprises, that are best positioned to reduce the risks for small businesses and public institutions.

Telegraph     |     BBC     |     Oodaloop     |     CBS News     |     Iran International   | Reuters     |     Tech Radar    |

 Bloomberg    |      Image: Dan Meyers

 

You Might Also Read:

Attack On Israel’s Water Systems:

DIRECTORY OF SUPPLIERS - Critical Infrastructure Security:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« British Businesses Must Do More To Protect Themselves
Controlling The Use Of Cyber Weapons »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Zymr

Zymr

Zymr specialize in cloud computing solutions including Cloud Security, Cloud Mobility, Cloud Apps, Cloud Infrastructure and Cloud Orchestration.

IronScales

IronScales

IronScales combines human intelligence with machine learning to automatically prevent, detect and respond to email phishing attacks.

Netwrix

Netwrix

Netwrix empowers information security and governance professionals to identify and protect sensitive data to reduce the risk of a breach.

Syhunt Security

Syhunt Security

Syhunt is a leading player in the web application security field, delivering its assessment tools to a range of organizations across the globe.

VMRay

VMRay

VMRay delivers advanced threat analysis and detection that combines a unique agentless hypervisor-based network sandbox with a real-time reputation engine.

Sabasai

Sabasai

Sabasai specialises in all aspects of insider threat management from training and education to building security frameworks and insider threat programs to on-site risk & vulnerability assessments.

Sera-Brynn

Sera-Brynn

Sera-Brynn is one of the highest-ranked, pure-play cybersecurity compliance and advisory firms in the world.

Fischer Identity

Fischer Identity

Fischer Identity provide identity & access management and identity governance administration solutions.

ThreatGen

ThreatGen

ThreatGEN™ works with your team to improve your resiliency and industrial cybersecurity capabilities through an innovative and modernized approach to training and services.

DDLS

DDLS

DDLS is Australia's largest provider of corporate IT, process training and cybersecurity training courses and certification programs.

Optimum Speciality Risks

Optimum Speciality Risks

Optimum Speciality Risks are an experienced team of cyber insurance experts, backed by Lloyds of London.

Cyber Polygon

Cyber Polygon

Cyber Polygon is an annual online exercise which connects various global organisations to train their competencies and exchange best practices.

BlueRiSC

BlueRiSC

BlueRiSC invent cutting-edge system assurance solutions for the 21st century with novel software and hardware designs focusing on security technologies that can be game changing.

People Driven Technology

People Driven Technology

People Driven Technology is a customer-obsessed organization. We leverage our decades of business, technology, and engineering experience to deliver outcomes for our clients.

SecondSight

SecondSight

SecondSight’s Vertical AI embodies a full-spectrum approach to cyber insurance, facilitating accurate digital risk profiling.

True Corporation

True Corporation

True Corporation is Thailand’s leading Telecom-Tech company, empowering people and businesses with connected solutions that advance society sustainably.