Iranian-affiliated hackers breached multiple organizations in the United States, including a western Pennsylvania water authority, targeting an Israeli-made industrial control device. Various agencies, including the FBI, EPA, CISA, and Israel’s National Cyber Directorate, confirmed this breach in an advisory sent to The Associated Press.
Matthew Mottes, chairman of the Municipal Water Authority of Aliquippa, disclosed that the same hacker group breached four other utilities and an aquarium.
While there was no proof of Iranian involvement in the October 7 attack by Hamas triggering the Israel-Gaza conflict, cybersecurity experts anticipated increased cyberattacks by state-backed Iranian hackers and pro-Palestinian activists against Israel and its allies. These expectations materialized.
The advisory highlighted that other industries beyond water facilities use the same vulnerable equipment – Vision Series programmable logic controllers made by Unitronics. Sectors such as energy, food manufacturing, and healthcare rely on these devices to regulate processes like pressure and temperature.
The hackers disrupted the Aliquippa water system temporarily, forcing manual operation after leaving a digital message claiming all Israeli-made equipment as “legal targets.”
The hackers, identified as “Cyber Av3ngers,” have ties to Iran’s Islamic Revolutionary Guards Corps. They targeted Unitronics devices since at least November 22, accessing them via cybersecurity weaknesses, including default passwords and internet exposure.
The advisory noted over 200 similar internet-connected devices in the US and over 1,700 globally, highlighting cybersecurity concerns due to default passwords and poor security measures.
Concerns were raised about insufficient attention to cybersecurity in water utilities, prompting Pennsylvania congressmen to urge the US Justice Department to investigate and ensure the safety of basic infrastructure.
The cyberattacks coincide with heightened tensions between Iran and Israel, with an escalation in targeting Israeli infrastructure by hacker groups post the Israel-Hamas conflict.
The attack occurred following a federal appeals court decision prompting the EPA to revoke a rule requiring cybersecurity testing in US public water systems, leading to criticism of lax self-regulation in various critical industries despite the Biden administration’s efforts to enhance cybersecurity.
Source: AP