Tag Archive for: Water

Bad Password May Have Led to Pennsylvania Water System Hack


(TNS) — Federal and state security officials said a poor or even default password could be the weak link that enabled hackers to break into a Pittsburgh-area water system.

The Municipal Water Authority of Aliquippa suffered the cyberattack on Saturday, with several media outlets displaying images of a screen from the authority equipment that claimed to target Israeli-made products.

In a Tuesday alert, the federal Cybersecurity and Infrastructure Security Agency (CISA) said the hackers, who some media outlets have identified as the pro-Iran group CyberAvengers, “likely accessed the affected device … by exploiting cybersecurity weaknesses, including poor password security and exposure to the internet.”


CISA is a federal agency that falls under the Department of Homeland Security.

The Pennsylvania Criminal Intelligence Center shared CISA’s advisory Wednesday and reminded security experts “to ensure the default ‘1111’ password is not in use” on their networks, according to an email obtained by TribLive.

The center also recommended that systems’ “programmable logic controllers,” or PLCs, use multifactor authentication and update to the most current software.

No customers of Aliquippa’s service lost access to water due to the attack, said Robert Bible, general manager of the Aliquippa Municipal Authority, in an interview with TribLive news partner WTAE.

Bible said the hackers targeted a small substation in Racoon Township. They disabled a device that is used to automatically control water levels at the authority’s tanks, he said.

Bible did not return phone calls Wednesday to the municipal authority. Aliquippa Mayor Dwan B. Walker also could not be reached for comment.

CISA officials, in their Tuesday advisory, identified equipment hacked at the Pennsylvania utility as a “Unitronics Vision Series PLC with a Human Machine Interface (HMI).”

Unitronics, which is based in Israel and operates a U.S. office in Quincy, Mass., a Boston suburb, did not respond to numerous emails and phone calls this week seeking comment.

Pittsburgh-based Jewish security officials said they also have grappled with cybersecurity issues related to the…

Source…

Did Iranian Hackers Hit a Pennsylvania Water System?


(TNS) — The Municipal Water Authority of Aliquippa revealed Saturday that one of their booster stations had been hacked and partially controlled by a cyber guerilla group tied to the Iranian government, according to news reports.

Confirming the hack to KDKA, Matthew Motes, the chairman of the board of directors for the Municipal Water Authority of Aliquippa, said that the group, known as Cyber Av3ngers, took control of one of the stations.

The hacking ring shut down a pump on a supply line that provides drinking water from the Aliquippa Municipal Water Authority’s treatment plant to Raccoon and Potter townships in Beaver County.


As soon as the hack had occurred, an alarm sounded, the Beaver Countain reported.

Also confirming the hack was a haunting message that appeared that appeared on the system’s control panel after the pump had been taken over, reading, “You have been hacked. Down with Israel. Every equipment ‘made with Israel’ is Cyber Av3ngers legal target.”

The machine that was hacked by the cyber group uses a system called Unitronics, which uses software or has components that are Israeli-owned, KDKA reported.

Aliquippa municipal workers managed to disable the system and authorities were called to the booster station Saturday. Now the incident is under criminal investigation.

Back-up methods are now being applied to maintain water pressure to communities, the Beaver Countain reported.

“They did not get access to anything in our actual water treatment plant – or other parts of our system – other than a pump that regulates pressure to elevated areas of our system,” Mottes told the outlet. “This pump has its own computer network, separated from our primary network, and is physically miles away.”

The network also serviced multiple security cameras.

“The booster system did what it was supposed to. It sent an alarm and we took control manually. Nobody was ever at risk,” he added.

Congressman Chris Deluzio said in a statement on Facebook Sunday that he is monitoring the situation.

On X, formerly known as Twitter, the Cyber Av3ngers have taken responsibility for multiple attacks worldwide,…

Source…

CISA Warns of Unitronics PLC Exploitation Following Water Utility Hack


After hackers compromised an industrial control system (ICS) at a water utility in the United States, the cybersecurity agency CISA issued an alert over the exploitation of the targeted device.

The target of the attack was the Municipal Water Authority of Aliquippa in Pennsylvania, which confirmed that hackers took control of a system associated with a station where water pressure is monitored and regulated, but said there was no risk to the water supply or drinking water.

Based on publicly available information, the hackers targeted an Unitronics Vision system, which is a programmable logic controller (PLC) with an integrated human-machine interface (HMI).

A hacktivist group called Cyber Av3ngers, known to be anti-Israel and possibly linked to Iran, has taken credit for the attack, apparently targeting the Israel-made Unitronics PLC. 

Unitronics Vision products have been known to be affected by critical vulnerabilities that could expose devices to attacks. However, HMIs are often accessible from the internet without authentication, making them an easy target even for low-skilled threat actors. 

In the case of the Municipal Water Authority of Aliquippa, CISA noted that the attackers likely accessed the ICS device “by exploiting cybersecurity weaknesses, including poor password security and exposure to the internet”. 

This statement suggests that the attackers likely leveraged the fact that the device was insecurely configured, rather than exploiting an actual vulnerability. This would not be surprising for a hacktivist group as these types of threat actors mostly target low-hanging fruit and do not waste time and energy creating sophisticated exploits.  

In order to protect their Unitronics PLCs against potential attacks, organizations have been urged by CISA to change the default ‘1111’ password, require multi-factor authentication for remote access to OT systems, ensure that the controller is not directly exposed to the internet, create backups for the PLC’s logic and configuration in case it gets compromised, change the default port, and update the device to the latest version.

Advertisement. Scroll to continue reading.

Such PLCs are used by organizations in the…

Source…

Iranian Hacking Group Attacks Pennsylvania Water Authority


CISA Investigating Iranian Hacking Group Attack on Pennsylvania Water Authority

Iranian Hacking Group Attacks Pennsylvania Water Authority
Iranian threat actors launched a cyberattack against the Municipal Water Authority of Aliquippa. (Image: MWAA)

The U.S. Cybersecurity and Infrastructure Security Agency is investigating a cyberattack from an Iranian hacking group known as “Cyber Av3ngers” that targeted a small municipal water authority in Pennsylvania over its use of Israeli-owned software, according to officials.

See Also: Live Webinar | Generative AI: Myths, Realities and Practical Use Cases

The Municipal Water Authority of Aliquippa confirmed it had been the subject of a breach Saturday that shut down a supply pump providing drinking water to multiple municipalities, including a town in the Pittsburgh metropolitan area with nearly 3,000 residents, according to U.S. Census data.


The water authority uses pressure-monitoring equipment developed by the Israeli technology company Unitronics. When the attack occurred, a small Unitronics device in the Pennsylvania facility flashed a bright red message that read: “You have been hacked. Down with Israel. Every equipment ‘made in Israel’ is Cyber Av3ngers legal target.”


The intrusion triggered alerts to the U.S. Department of Homeland Security and sent on-call municipal workers scrambling during the holiday weekend to shut down automated systems and conduct manual operations.


Robert Bible, a Pittsburgh-area water authority official, told media outlets that local water service was not disrupted and water quality remained unaffected from the incident.

The attack is one of a handful of known cyberattacks on American water systems. The Biden administration earlier this year attempted to use existing regulatory authorities to force water systems into evaluating their cybersecurity risk, but it backed off in the face of a court ruling staying the…

Source…