Bad Password May Have Led to Pennsylvania Water System Hack

TNS) - Federal and state security officials said a poor or even default password could be the weak link that enabled hackers to break into a Pittsburgh-area water system. The Municipal Water Authority of Aliquippa suffered the cyberattack on Saturday, with several media outlets displaying images of a screen from the authority equipment that claimed to target Israeli-made products. In a Tuesday alert, the federal Cybersecurity and Infrastructure Security Agency said the hackers, who some media outlets have identified as the pro-Iran group CyberAvengers, "Likely accessed the affected device ... by exploiting cybersecurity weaknesses, including poor password security and exposure to the internet." CISA is a federal agency that falls under the Department of Homeland Security. The Pennsylvania Criminal Intelligence Center shared CISA's advisory Wednesday and reminded security experts "To ensure the default '1111' password is not in use" on their networks, according to an email obtained by TribLive. No customers of Aliquippa's service lost access to water due to the attack, said Robert Bible, general manager of the Aliquippa Municipal Authority, in an interview with TribLive news partner WTAE. Bible said the hackers targeted a small substation in Racoon Township. They disabled a device that is used to automatically control water levels at the authority's tanks, he said. Bible did not return phone calls Wednesday to the municipal authority. Aliquippa Mayor Dwan B. Walker also could not be reached for comment. CISA officials, in their Tuesday advisory, identified equipment hacked at the Pennsylvania utility as a "Unitronics Vision Series PLC with a Human Machine Interface." Pittsburgh-based Jewish security officials said they also have grappled with cybersecurity issues related to the conflict in the Middle East. Pro-Palestinian hackers briefly took over the Jewish Federation of Greater Pittsburgh's feed last month on X, the platform formerly known as Twitter. The organization, which has offices in South Oakland, said the hack also affected its Facebook account. "We are aware that the cyber threat environment is elevated right now," federation spokesman Adam Hertzman told TribLive. Shawn Brokos, a retired FBI veteran who leads Jewish community security efforts for the federation in Pittsburgh, said she's been having "Frequent conversations with the FBI" about infrastructure threats. Brokos said the Aliquippa incident was the first incident of its kind she had heard about in the Pittsburgh area. Government officials, both state and federal, remained tight-lipped Wednesday about investigating what happened in Aliquippa. CISA "Is aware of a reported intrusion into a Pennsylvania water utility," said Eric Goldstein, its executive assistant director for cybersecurity, in a prepared statement. A spokesman for the state police, which control and supervise the Pennsylvania Criminal Intelligence Center, answered every TribLive question by repeating that police had turned over the investigation to the FBI and the federal Department of Homeland Security. "We cannot confirm nor deny the existence of an investigation," said Catherine Coennen, the FBI spokeswoman in the Pittsburgh office.

This Cyber News was published on www.govtech.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to Bad Password May Have Led to Pennsylvania Water System Hack

States and Congress Wrestle With Cybersecurity After Iran Attacks Small Town Water Utilities - The tiny Aliquippa water authority in western Pennsylvania was perhaps the least-suspecting victim of an international cyberattack. Then it - along with several other water utilities - was struck by what federal authorities say are Iranian-backed ...
10 months ago Securityweek.com
Congressmen Ask DOJ to Investigate Water Utility Hack, Warning It Could Happen Anywhere - Three members of Congress have asked the U.S. Justice Department to investigate how foreign hackers breached a water authority near Pittsburgh, prompting the nation's top cyberdefense agency to warn other water and sewage-treatment utilities that ...
11 months ago Securityweek.com
Water services giant Veolia North America hit by ransomware attack - Veolia North America, a subsidiary of transnational conglomerate Veolia, disclosed a ransomware attack that impacted systems part of its Municipal Water division and disrupted its bill payment systems. After detecting the attack, Veolia has ...
9 months ago Bleepingcomputer.com
Florida water agency latest to confirm cyber incident as feds warn of nation-state attacks - A regulatory agency in Florida that oversees the long-term supply of drinking water confirmed that it responded to a cyberattack over the last week as the top cybersecurity agencies in the U.S. warned of foreign attacks on water utilities. The agency ...
11 months ago Therecord.media
Bad Password May Have Led to Pennsylvania Water System Hack - TNS) - Federal and state security officials said a poor or even default password could be the weak link that enabled hackers to break into a Pittsburgh-area water system. The Municipal Water Authority of Aliquippa suffered the cyberattack on ...
11 months ago Govtech.com
Cybersecurity agency warns that water utilities are vulnerable to hackers after Pennsylvania attack - HARRISBURG, Pa. - Hackers are targeting industrial control systems widely used by water and sewage-treatment utilities, potentially threatening water supplies, the top U.S. cyberdefense agency said after a Pennsylvania water authority was hacked. The ...
11 months ago Abcnews.go.com
Breaches by Iran-Affiliated Hackers Spanned Multiple U.S. States, Federal Agencies Say - A small western Pennsylvania water authority was just one of multiple organizations breached in the United States by Iran-affiliated hackers who targeted a specific industrial control device because it is Israeli-made, U.S. and Israeli authorities ...
11 months ago Securityweek.com
Cyberattack Defaces Israeli-Made Equipment at US Water Agency, Brewing Firm - The targets included the Equipment used by the Municipal Water Authority of Aliquippa, Pennsylvania and Brewmation, a New York-based company specializing in turnkey brewing and distilling equipment. U.S. officials have attributed a cyberattack on the ...
11 months ago Hackread.com
Cyberattack on Irish Utility Cuts Off Water Supply for Two Days - An attack launched by hackers last week against the systems of a small water utility in Ireland interrupted the water supply for two days. The cyberattack was reported by a local newspaper, Western People, and technical details are murky. The attack ...
10 months ago Packetstormsecurity.com
ICS at Multiple US Water Facilities Targeted by Hackers Affiliated With Iranian Government - The hackers behind recent cyberattacks targeting industrial control systems at water facilities in the US are affiliated with the Iranian government, according to security agencies in the United States and Israel. The FBI, CISA, the NSA, the EPA and ...
11 months ago Securityweek.com
Hackers breach US water facility via exposed Unitronics PLCs - CISA is warning that threat actors breached a U.S. water facility by hacking into Unitronics programmable logic controllers exposed online. PLCs are crucial control and management devices in industrial settings, and hackers compromising them could ...
11 months ago Bleepingcomputer.com
UK water company that serves millions confirms system attack The Register - Scans of identity documents such as passports and driving licenses. Documents that appear to be HR-related, displaying the personal data of what could be customers, including home address, office address, dates of birth, nationalities, and email ...
9 months ago Theregister.com
Hackers Hijacked Irish Water Facility that Interrupted Supply - Recently, there was a cyberattack on an Irish water utility that resulted in hackers gaining control of the system and disrupting the water supply. Last week, a private group water system in the Erris area was targeted by cybercriminals in a ...
10 months ago Cybersecuritynews.com
Two-day water outage in remote Irish region caused by pro-Iran hackers - Residents of a remote area on Ireland's west coast were left without water last week due to a cyberattack perpetrated by a pro-Iran hacking group targeting a piece of equipment the hackers complained was made in Israel. The incident affected a ...
10 months ago Therecord.media
Top White House cyber aide says recent Iran hack on water system is call to tighten cybersecurity - WASHINGTON - A top White House national security official said recent cyber attacks by Iranian hackers on U.S. water authorities - as well as a separate spate of ransomware attacks on the health care industry - should be seen as a call to action by ...
10 months ago Apnews.com
Top White House Cyber Aide Says Recent Iran Hack on Water System Is Call to Tighten Cybersecurity - A top White House national security official said recent cyber attacks by Iranian hackers on US water authorities - as well as a separate spate of ransomware attacks on the health care industry - should be seen as a call to action by utilities and ...
10 months ago Securityweek.com
Ransomware gang targets nonprofit providing clean water to world's poorest - Water for People, a nonprofit that aims to improve access to clean water for people whose health is threatened by a lack of it for drinking and sanitation, is the latest organization to have been hit by ransomware criminals. The ...
9 months ago Therecord.media
Best Password Generators of 2024 to Secure Your Accounts - Overview of best password generators to secure online accounts. We have various password generators to help us protect our accounts and practical barriers to protect our sensitive information. We have compiled this list of the best password ...
5 months ago Cyberdefensemagazine.com
Greater Paris wastewater agency dealing with cyberattack - The organization that manages wastewater for nine million people in and around Paris was hit with a cyberattack on Friday. Service public de l'assainissement francilien - known by its acronym SIAAP - manages nearly 275 miles of pipes throughout four ...
11 months ago Therecord.media
Cyberattack on Pennsylvania Water Authority Disrupts OT Gear - This past weekend, the Aliquippa Municipal Water Authority, located in Pittsburgh, experienced a cyberattack after one of its booster stations was hacked by an Iranian-backed cyber group. The threat group, known as Cyber Av3ngers, hacked a system ...
11 months ago Darkreading.com
DOE Puts Up $70 Million to Secure US Energy Infrastructure - The federal government will spend as much as $70 million for technologies that will create a more resilient energy delivery infrastructure that is better protected against a range of threats, including from cybercriminals. The U.S. Department of ...
9 months ago Securityboulevard.com
Pikabot Malware Surfaces As Qakbot Replacement for Black Basta Attacks - A threat actor associated with Black Basta ransomware attacks has been wielding a new loader similar to the notoriously hard-to-kill Qakbot, in a widespread phishing campaign aimed at gaining entry to organization networks for further malicious ...
9 months ago Darkreading.com
US Authorities Identify Iranian Connection in Recent Cybersecurity Breaches - It has been announced that six Iranian officials have been sanctioned by the U.S. Department of Treasury's Office of Foreign Assets Control, the Iranian government organization responsible for the series of malicious cyber activities directed against ...
9 months ago Cysecurity.news
Understand the pros and cons of enterprise password managers - To counter these threats, corporate IT security teams are turning to business-grade password managers to help centralize and streamline password and credential management. A password manager is a credential vault that gives IT teams a unified digital ...
8 months ago Techtarget.com
Password Advice for the Rest of Us - Cisco Blogs - The key function you’re wanting out of a password manager is the ability to create passwords that are at least twenty (20) characters long, with all the typical mix of letters, numbers and symbols, as well as the ability to create a unique password ...
1 month ago Feedpress.me

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)