Hackers breach US water facility via exposed Unitronics PLCs

CISA is warning that threat actors breached a U.S. water facility by hacking into Unitronics programmable logic controllers exposed online. PLCs are crucial control and management devices in industrial settings, and hackers compromising them could have severe repercussions, such as water supply contamination through manipulating the device to alter chemical dosing. Other risks include service disruption leading to a halt in water supply and physical damage to the infrastructure by overloading pumps or opening and closing valves. CISA confirmed that hackers have already breached a U.S. water facility by hacking these devices. The attack did not compromise potable water safety for the served communities. "Cyber threat actors are targeting PLCs associated with WWS facilities, including an identified Unitronics PLC, at a U.S. water facility," reads CISA's alert. "In response, the affected municipality's water authority immediately took the system offline and switched to manual operations-there is no known risk to the municipality's drinking water or water supply." The agency underlines that the threat actors take advantage of poor security practices to attack Unitronics Vision Series PLC with a human-machine interface rather than exploit a zero-day vulnerability on the product. Replace the default Unitronics PLC password, ensuring "1111" is not used. Implement MFA for all remote access to the Operational Technology network, including access from IT and external networks. If remote access is necessary, use a Firewall/VPN setup to control access. Regularly back up logic and configurations for quick recovery in case of ransomware attacks. Avoid using the default TCP port 20256, which is commonly targeted by cyber actors. Update the PLC/HMI firmware to the latest version provided by Unitronics. While CISA's advisory did not specify the threat actor behind the attacks, Cyberscoop reported that a recent hack on the Municipal Water Authority of Aliquippa, Pa., was conducted by Iranianian attackers. As part of this attack, the threat actors hijacked Unitronics PLCs to display a message from the threat actors. CISA also announced in September 2023 a free security scans program for critical infrastructure facilities like water utilities to help them identify security gaps and protect their systems from opportunistic attacks. Slovenia's largest power provider HSE hit by ransomware attack. Hacktivists breach U.S. nuclear research lab, steal employee data. CISA orders federal agencies to patch Looney Tunables Linux bug. CISA warns of actively exploited Windows, Sophos, and Oracle bugs. FBI shares tactics of notorious Scattered Spider hacker collective.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 20:24:55 +0000


Cyber News related to Hackers breach US water facility via exposed Unitronics PLCs

Hackers breach US water facility via exposed Unitronics PLCs - CISA is warning that threat actors breached a U.S. water facility by hacking into Unitronics programmable logic controllers exposed online. PLCs are crucial control and management devices in industrial settings, and hackers compromising them could ...
10 months ago Bleepingcomputer.com
IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities - SUMMARY. The Federal Bureau of Investigation, Cybersecurity and Infrastructure Security Agency, National Security Agency, Environmental Protection Agency, and the Israel National Cyber Directorate-hereafter referred to as "The authoring agencies"-are ...
10 months ago Cisa.gov
States and Congress Wrestle With Cybersecurity After Iran Attacks Small Town Water Utilities - The tiny Aliquippa water authority in western Pennsylvania was perhaps the least-suspecting victim of an international cyberattack. Then it - along with several other water utilities - was struck by what federal authorities say are Iranian-backed ...
9 months ago Securityweek.com
ICS at Multiple US Water Facilities Targeted by Hackers Affiliated With Iranian Government - The hackers behind recent cyberattacks targeting industrial control systems at water facilities in the US are affiliated with the Iranian government, according to security agencies in the United States and Israel. The FBI, CISA, the NSA, the EPA and ...
10 months ago Securityweek.com
Florida water agency latest to confirm cyber incident as feds warn of nation-state attacks - A regulatory agency in Florida that oversees the long-term supply of drinking water confirmed that it responded to a cyberattack over the last week as the top cybersecurity agencies in the U.S. warned of foreign attacks on water utilities. The agency ...
10 months ago Therecord.media
Cyberattack on Irish Utility Cuts Off Water Supply for Two Days - An attack launched by hackers last week against the systems of a small water utility in Ireland interrupted the water supply for two days. The cyberattack was reported by a local newspaper, Western People, and technical details are murky. The attack ...
10 months ago Packetstormsecurity.com
CyberAv3ngers hit Unitronics PLCs at multiple US-based water facilities - Iran-affiliated attackers CyberAv3ngers continue to exploit vulnerable Unitronics programmable logic controllers, US and Israeli authorities have said in a joint cybersecurity advisory. CyberAv3ngers targeting Unitronics PLCs. CISA has recently ...
10 months ago Helpnetsecurity.com
Water services giant Veolia North America hit by ransomware attack - Veolia North America, a subsidiary of transnational conglomerate Veolia, disclosed a ransomware attack that impacted systems part of its Municipal Water division and disrupted its bill payment systems. After detecting the attack, Veolia has ...
8 months ago Bleepingcomputer.com
Congressmen Ask DOJ to Investigate Water Utility Hack, Warning It Could Happen Anywhere - Three members of Congress have asked the U.S. Justice Department to investigate how foreign hackers breached a water authority near Pittsburgh, prompting the nation's top cyberdefense agency to warn other water and sewage-treatment utilities that ...
10 months ago Securityweek.com
Two-day water outage in remote Irish region caused by pro-Iran hackers - Residents of a remote area on Ireland's west coast were left without water last week due to a cyberattack perpetrated by a pro-Iran hacking group targeting a piece of equipment the hackers complained was made in Israel. The incident affected a ...
10 months ago Therecord.media
Breaches by Iran-Affiliated Hackers Spanned Multiple U.S. States, Federal Agencies Say - A small western Pennsylvania water authority was just one of multiple organizations breached in the United States by Iran-affiliated hackers who targeted a specific industrial control device because it is Israeli-made, U.S. and Israeli authorities ...
10 months ago Securityweek.com
Cyber Av3ngers gang hacks industrial controllers across multiple US states - U.S. federal agencies have confirmed the Iranian threat group that breached a Pennsylvanian water authority pump station controller also compromised similar systems at facilities in other states. The Municipal Water Authority of Aliquippa was forced ...
10 months ago Packetstormsecurity.com
Cyberattack Defaces Israeli-Made Equipment at US Water Agency, Brewing Firm - The targets included the Equipment used by the Municipal Water Authority of Aliquippa, Pennsylvania and Brewmation, a New York-based company specializing in turnkey brewing and distilling equipment. U.S. officials have attributed a cyberattack on the ...
10 months ago Hackread.com
Hackers Hijacked Irish Water Facility that Interrupted Supply - Recently, there was a cyberattack on an Irish water utility that resulted in hackers gaining control of the system and disrupting the water supply. Last week, a private group water system in the Erris area was targeted by cybercriminals in a ...
10 months ago Cybersecuritynews.com
Cybersecurity agency warns that water utilities are vulnerable to hackers after Pennsylvania attack - HARRISBURG, Pa. - Hackers are targeting industrial control systems widely used by water and sewage-treatment utilities, potentially threatening water supplies, the top U.S. cyberdefense agency said after a Pennsylvania water authority was hacked. The ...
10 months ago Abcnews.go.com
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
9 months ago Securityboulevard.com
UK water company that serves millions confirms system attack The Register - Scans of identity documents such as passports and driving licenses. Documents that appear to be HR-related, displaying the personal data of what could be customers, including home address, office address, dates of birth, nationalities, and email ...
8 months ago Theregister.com
Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
8 months ago Securityzap.com
Pro-Iran Attackers Access Multiple Water Facility Controllers - Critical infrastructure in multiple US states may have been compromised by Iran-affiliated attackers targeting programmable logic controllers. A warning from the FBI, Cybersecurity and Infrastructure Security Agency, National Security Agency, the ...
10 months ago Darkreading.com
DOE Puts Up $70 Million to Secure US Energy Infrastructure - The federal government will spend as much as $70 million for technologies that will create a more resilient energy delivery infrastructure that is better protected against a range of threats, including from cybercriminals. The U.S. Department of ...
9 months ago Securityboulevard.com
Top White House cyber aide says recent Iran hack on water system is call to tighten cybersecurity - WASHINGTON - A top White House national security official said recent cyber attacks by Iranian hackers on U.S. water authorities - as well as a separate spate of ransomware attacks on the health care industry - should be seen as a call to action by ...
10 months ago Apnews.com
Top White House Cyber Aide Says Recent Iran Hack on Water System Is Call to Tighten Cybersecurity - A top White House national security official said recent cyber attacks by Iranian hackers on US water authorities - as well as a separate spate of ransomware attacks on the health care industry - should be seen as a call to action by utilities and ...
10 months ago Securityweek.com
US Confirms Iranian Attacks on Water Companies - The US Cybersecurity and Infrastructure Security Agency has revealed Iran's Islamic Revolutionary Guard Corps is behind a series of recent strikes against water plants. The PLCs are commonly used by organizations operating in the Water and Wastewater ...
10 months ago Infosecurity-magazine.com
Siemens PLCs Still Vulnerable to Stuxnet-Like Cyberattacks - Programmable logic controllers that were vulnerable to the Stuxnet attack are still in use globally and rarely have security controls deployed - meaning they're still at risk. More than 10 years after Stuxnet, new research shows users rarely switch ...
10 months ago Darkreading.com
Ransomware gang targets nonprofit providing clean water to world's poorest - Water for People, a nonprofit that aims to improve access to clean water for people whose health is threatened by a lack of it for drinking and sanitation, is the latest organization to have been hit by ransomware criminals. The ...
8 months ago Therecord.media

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)