Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

Hackers Hijack Industrial Control System at US Water Utility 

Municipal Water Authority of Aliquippa in Pennsylvania confirms that hackers took control of a booster station, but says no risk to drinking water or water supply.

Water utility cybersecurity

The Municipal Water Authority of Aliquippa in Pennsylvania has confirmed that hackers took control of a system associated with a booster station over the weekend, but said there was no risk to the water supply.

The company provides water and sewer services to more than 6,600 customers in Aliquippa and portions of Hopewell, Raccoon and Potter Townships.

A representative of the water utility told KDKA-TV that the compromised system is associated with a booster station that monitors and regulates water pressure for Raccoon and Potter Townships.

An alarm quickly alerted the Aliquippa utility of the intrusion and the compromised system was disabled. The water facility’s representative said there was no known risk to the water supply or drinking water. 

An Iran-linked hacktivist group calling itself Cyber Av3ngers has taken credit for the attack. The anti-Israel hackers appear to have targeted an industrial control system (ICS) made by Israeli company Unitronics.

An image posted by KDKA-TV suggests that the hackers took control of a Unitronics Vision system, which is a programmable logic controller (PLC) with an integrated human-machine interface (HMI). Unitronics Vision products have been known to be affected by critical vulnerabilities that could expose devices to attacks.

On the other hand, HMIs are often left exposed to the internet and are accessible without authentication, making them an easy target even for low-skilled threat actors.

The Cyber Av3ngers group claims to have breached the systems of many water treatment stations in Israel since the Israel-Hamas conflict escalated on October 7.

Advertisement. Scroll to continue reading.

However, the hackers have been known to exaggerate the impact of their attacks and have even been found to publish fake data and claim it was stolen from a targeted organization. 

Hacktivist groups often target ICS because they are well aware of the potential implications of hacking these types of devices and it helps them draw more attention to their cause. 

In many cases, hacktivists don’t need to be industrial system experts in order to conduct attacks. Because HMIs are often left unprotected, hackers can easily access them and change parameters that could have a significant impact on physical processes. 

The claims of such hacktivist groups are often exaggerated, but experts have warned that they should not be ignored. 

KDKA-TV reported that Pennsylvania State Police were notified of the incident at the Aliquippa water utility, but it’s unclear if federal authorities have also gotten involved in the investigation. 

Cyberattacks aimed at the water sector are not uncommon and there have been confirmed reports of attacks impacting ICS at water facilities. That is why the US government agency CISA recently started offering a free vulnerability scanning service to organizations in this sector.

Related: Former Contractor Employee Charged for Hacking California Water Treatment Facility

Related: EPA Mandates States Report on Cyber Threats to Water Systems

Related: Unpatched Security Flaws Expose Water Pump Controllers to Remote Hacker Attacks

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

ICS/OT

The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Cybercrime

Energy giants Schneider Electric and Siemens Energy confirm being targeted by the Cl0p ransomware group in the campaign exploiting a MOVEit zero-day.

ICS/OT

Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.

ICS/OT

Wago has patched critical vulnerabilities that can allow hackers to take complete control of its programmable logic controllers (PLCs).

ICS/OT

Mandiant's Chief analyst urges critical infrastructure defenders to work on finding and removing traces of Volt Typhoon, a Chinese government-backed hacking team caught in...

Cybersecurity Funding

Internet of Things (IoT) and Industrial IoT security provider Shield-IoT this week announced that it has closed a $7.4 million Series A funding round,...