Iranian Hackers Attack US Water System

Uploaded on 2023-12-12 in INTELLIGENCE-Hot Spots-Iran, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Production-Utilities

Iran-linked hackers  have exploited Israeli-made programmable logic controllers (PLCs) used in multiple water systems and other operational technology facilities across the US, according to US cyber security agencies. Iran has been linked with repeated attacks on Israeli water infrastructure.

A senior White House national security official has spoken about these recent cyber attacks by Iranian hackers on US water utilities and ransomware attacks on the healthcare industry, saying there should be stronger cyber security. 

Iranian hackers breached a Pennsylvanian water utility and this was just one of the operations cyber attacked in an apparent politically motivated attack. Municipal Water Authority of Aliquippa (MWAA) said it resorted to manual controls after hackers breached pressure monitoring equipment at one of their booster stations over Thanksgiving weekend.

The US Cybersecurity and Infrastructure Security Agency (CISA) has said that the hackers, known as "CyberAv3ngers," have been infiltrating video screens with the message "You have been hacked, down with Israel. Every equipment 'made in Israel' is CyberAv3ngers legal target." Anne Neuberger the Deputy National Security Adviser said  that recent attacks on a number of American organisations by the Iranian hacker group known as Cyber Av3ngers, though to be linked with the Iranian military.

The hackers said they were specifically targeting organisations that used programmable logic controllers made by the Israeli company Unitronics, commonly used by water and water treatment utilities.

The affected device monitors and regulates pressure for Raccoon and Potter townships in Beaver County. The attack did not affect water quality or availability. But the attacks do offer a renewed warning-call utility companies and operators of critical infrastructure are facing persistent and capable cyber attacks from hostile countries and criminals that are not going away.

 “Some pretty basic practices would have made a big difference there... We need to be locking our digital doors. There are significant criminal threats, as well as capable countries, but particularly criminal threats, that are costing our economy a lot.” according to Neuberger

The US government is increasingly  concerned about Iran attempting to aggravate the Israeli-Hamas conflict through the ise of proxy groups like CyberAv3ngers.

Neuberger said that this event emphasised the need to step up cyber security efforts and the most recent attack 
came after a federal appeals court decision in October prompted the Environmental Protection Agency to drop regulations that would have obliged US public water systems to include cyber security testing in their regular audits. 

Neuberger also noted recent criminal ransomware attacks that have devastated health care systems, arguing those attacks spotlight the need for government and industry to take steps to tighten cyber security.

A recent global study by the leading cyber security firm Sophos found that nearly two-thirds of health care organisations were hit by ransomware attacks in the year ending in March, double the rate from two years earlier but  slightly lower than 2022. 

CISA:    The Hill:     AP:     ArabNews:   CPO Magazine:     The Register:    NPR:     Sophos:

Image:  American Public Power Association 

You Might Also Read: 

Iran Fingered For Attack On Israeli Water Infrastructure:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 

Cyber Security Intelligence: Captured Organised & Accessible

 

« Google Launches Its New AI Model - Gemini
EU Agrees Regulations For Artificial Intelligence »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Satisnet

Satisnet

Satisnet is a leading Security Reseller, Managed Security Services Provider (MSSP) and Cyber Training Innovator, with operations throughout the UK, EMEA and United States.

CERT-UG/CC

CERT-UG/CC

CERT-UG/CC is the national Computer Emergency Response Team for Uganda, operating under the National Information Technology Authority (NITA-U)

Cyber DriveWare

Cyber DriveWare

DriveWare analyzes new traffic in the I/O layer and blocks malware and cyber attacks which organizations have no means to protect against.

IQ Solutions

IQ Solutions

IQ Solutions is a Digital Integrator and an ICT Services Provider, focusing on innovative Cyber Secured ICT managed solutions tailored to the needs of the Maritime Industry.

A-LIGN

A-LIGN

A-LIGN is a technology-enabled security and compliance partner trusted by more than 2,500 global organizations to mitigate cybersecurity risks.

Red4Sec

Red4Sec

Red4Sec are experts in ethical hacking, audits of web and mobile applications, code audits, cryptocurrency audits, perimeter security and incident response.

Adzuna

Adzuna

Adzuna is a search engine for job ads used by over 10 million visitors per month that aims to list every job everywhere, including thousands of vacancies in Cybersecurity.

Secberus

Secberus

SECBERUS creates cloud security technology to help organizations stay secure & compliant in the public cloud.

Splone

Splone

Splone is a Berlin-based IT security research team and consultancy. We help improve IT-security by offering red team assements, penetration tests, audits and customized consulting.

CyberCX

CyberCX

CyberCX provides services from strategic consulting, security testing and training to world-class managed services and engineering solutions.

Anthony Timbers LLC

Anthony Timbers LLC

Anthony Timbers is a cybersecurity consulting and penetration testing firm providing services to the Federal and Commercial sectors nationwide.

stackArmor

stackArmor

stackArmor specializes in compliance and security-focused solutions delivered using our Agile Cloud Transformation (ACT) methodology.

Secuna Software Technologies

Secuna Software Technologies

Secuna is the most trusted Cybersecurity Testing Platform in the Philippines. Our pool of vetted security researchers will find and ethically report security vulnerabilities in your product.

Immunefi

Immunefi

Immunefi provides bug bounty hosting, consultation, and program management services to blockchain and smart contract projects.

Ostrich Cyber-Risk

Ostrich Cyber-Risk

Ostrich Cyber-Risk is a risk management company that helps organizations reduce the complexity of identifying financial and operational risks related to your cybersecurity posture.

BuddoBot

BuddoBot

BuddoBot has been a pioneering force in cybersecurity and information technology since 2008.