Iran-linked cyberattacks threaten equipment used in U.S. water systems and factories


Updated December 2, 2023 at 1:51 PM ET

An Iran-linked hacking group is “actively targeting and compromising” multiple U.S. facilities for using an Israeli-made computer system, U.S. cybersecurity officials say.

The Cybersecurity and Infrastructure Security Agency (CISA) said on Friday that the hackers, known as “CyberAv3ngers,” have been infiltrating video screens with the message “You have been hacked, down with Israel. Every equipment ‘made in Israel’ is CyberAv3ngers legal target.”

The cyberattacks have spanned multiple states, CISA said. While the equipment in question, “Unitronics Vision Series programmable logic controllers,” is predominately used in water and wastewater systems, companies in energy, food and beverage manufacturing, and health care are also under threat.

“These compromised devices were publicly exposed to the internet with default passwords,” CISA said.

The agency did not specify how many organizations have been hacked, but on Friday CNN reported that “less than 10” water facilities around the U.S. had been affected.

CyberAv3ngers was behind the breach at a water authority outside of Pittsburgh on Nov. 25. The Aliquippa water authority was forced to temporarily disable the compromised machine, but reassured citizens that the drinking water is safe.

While it did not cause any major disruptions to the water supply, the incident revealed just how vulnerable the nation’s critical infrastructure is to cyberattacks.

“If a hack like this can happen here in Western Pennsylvania, it can happen elsewhere in the United States,” Sens. John Fetterman and Bob Casey, and Rep. Chris Deluzio, who all represent the state, wrote in a letter to Attorney General Merrick Garland on Tuesday. The lawmakers urged the Justice Department “to conduct a full investigation and hold those responsible accountable.”

It also showed the scale and scope of Israel and Hamas’ cyberwarfare. Alongside the fight on the ground, both sides of the conflict are armed with dozens of hacking groups that have been responsible for disrupting company operations, leaking sensitive information online and collecting user data to plan future attacks.

“We’re now tracking over 150 such groups. And since you…
