OAN’s Brooke Mallory
1:38 PM – Monday, December 4, 2023
According to U.S. and Israeli officials, a number of United States organizations were compromised by Iran-affiliated hackers who targeted an Israeli-made industrial control device.
“The victims span multiple U.S. states,” said the FBI, the Environmental Protection Agency, the Cybersecurity and Infrastructure Security Agency, known as CISA, as well as Israel’s National Cyber Directorate in an advisory that was emailed to The Associated Press.
They did not specify the number of compromised organizations.
The head of the Municipal Water Authority of Aliquippa, Matthew Mottes, announced on Thursday that he had received word from federal officials who said that the same group also compromised an aquarium and four other utilities after discovering that it had been hacked on November 25th.
Although there is no proof that Iran was involved in the Oct. 7th attack on Israel by Hamas that prompted the ongoing Gaza conflict, cybersecurity experts predict that state-sponsored Iranian hackers and pro-Palestinian “hacktivists” will increase their cyberattacks against Israel and its allies in the wake of the strike.
The multiagency advisory clarified what CISA had not mentioned when it verified the hack in Pennsylvania on Wednesday: that other sectors of the economy besides water and water treatment facilities also use Unitronics’ Vision Series programmable logic controllers, which are potentially vulnerable.
According to the recommendation, these sectors include “energy, food and beverage manufacturing, and healthcare.” The apparatuses control temperature, pressure, and fluid flow, among other functions.
Workers at a distant station that controls water pressure for two neighboring towns were encouraged by the Aliquippa hack to temporarily stop pumping, which forced the operators to turn to manual operation. On the infected gadget, the hackers placed a digital calling card that declared all equipment manufactured in Israel to be a “legal target.”
It was unknown, according to the multiagency advice, if the hackers had attempted to delve further into compromised networks. According to the statement, the access they did have allowed for “more profound cyberphysical effects on processes and equipment.”
The hackers, who refer to themselves as “Cyber Av3ngers,” are connected to the Islamic Revolutionary Guards Corps in Iran, which the United States classified as a foreign terrorist group in 2019. The organization claimed to have been targeting the Unitronics devices since at least November 22nd.
Using the Shodan service, an online search on Saturday turned up more than 200 of these internet-connected gadgets in the United States and more than 1,700 worldwide.
Unitronics devices are pre-configured with a default password, which is not recommended by experts since it increases the susceptibility of the devices to hacking. Best practices call for gadgets to demand users set a special password.
According to the report, “exploiting cybersecurity weaknesses, including poor password security and exposure to the internet,” is what officials believe is the reason that the hackers gained access to the impacted computers.
Many water companies, according to experts, have not given cybersecurity measures enough thought.
Three lawmakers from Pennsylvania wrote to the U.S. Justice Department and requested an investigation into the Aliquippa hack. Democrat Senators Bob Casey (D-Pa.) and John Fetterman (D-Pa.), together with U.S. Representative Chris Deluzio (D-Pa.), stated that citizens need to know that “nation-state adversaries and terrorist organizations” cannot harm drinking water or other essential infrastructure.
In a social media post on October 30th, Cyber Av3ngers stated that they had breached ten water treatment facilities in Israel, however, it is unclear if any equipment was disabled.
According to Sergey Shykevich of Check Point, the organization has grown and intensified its targeting of vital Israeli infrastructure since the start of the Israel-Hamas conflict. Before October 7th, there was a low-level cyber conflict between Iran and Israel.
Unitronics has not responded to any requests for comment.
The incident occurred less than a month after the EPA was forced to retract a regulation that would have required public water systems in the United States to incorporate cybersecurity testing in their routine audits, as required by federal law, due to a judgment made by a federal appeals court. A federal appeals court ruling in a case filed by Missouri, Arkansas, and Iowa, together with participation from a trade association representing water utilities, set off the rollback.
The Biden administration has set rules on industries, including electric utilities, gas pipelines, and nuclear plants, in an effort to strengthen cybersecurity for vital infrastructure, which is more than 80% privately held. However, many experts argue that too many crucial industries are allowed to exercise self-regulation.
Stay informed! Receive breaking news blasts directly to your inbox for free. Subscribe here. https://www.oann.com/alerts