Date: 2023-12-02

HARRISBURG, Pa. (AP) — A small western Pennsylvania water authority was one of several organizations in the United States breached by Iran-affiliated hackers, who targeted a specific industrial control device because it is Israeli-made, American and Israeli officials say.

“Victims are numerous, spread across the US states,” the FBI, the Environmental Protection Agency, the Cybersecurity and Infrastructure Security Agency, known as CISA, as well as Israel’s National Cyber Directorate said in an advisory emailed to The Associated Press late Friday.

They did not say how many organizations were hacked or otherwise describe them.

Matthew Mottes, president of Aliquippa’s Municipal Water Authority, which discovered it was hacked on Nov. 25, said Thursday that federal officials had told him that the same group had also breached four other utilities and an aquarium.

Cybersecurity experts say that although there is no evidence of Iranian involvement in the October 7 attack on Israel by Hamas that triggered the war in Gaza, they expected state-backed Iranian hackers and pro-Palestinian hacktivists to increase cyberattacks on Israel and its allies as a result. And that’s exactly what happened.

The multiagency advisory spelled out what CISA had not when it confirmed the Pennsylvania hack on Wednesday: that other industries outside water and water-treatment facilities use the same equipment, Vision Series programmable logic controllers made by Unitronics, and were also potentially vulnerable.

Those industries include “energy, food and beverage manufacturing and healthcare,” the advisory said. The devices control processes including pressure, temperature and fluid flow.

The Aliquippa hack prompted workers to temporarily stop pumping at a remote station that controls water pressure for two nearby towns and to switch to manual operation. The hackers left a digital calling card on the compromised device, stating that all Israeli-made devices are “a legal target”.

The multiagency advisory said it is not known whether the hackers tried to penetrate deeper into the breached network. It says their access enables “deeper cyber physical impacts on processes and equipment.”

The hackers, who call themselves “CyberAV3ngers”, are affiliated with Iran’s Islamic Revolutionary Guards Corps, which the US designated as a foreign terrorist organization in 2019, the advisory said. The group has targeted Unitronics equipment since at least November 22.

An online search Saturday with the Shodan service identified more than 200 such Internet-connected devices in the US and more than 1,700 globally.

Unitronics devices ship with a default password, a practice experts discourage because it makes them more vulnerable to hacking, the advisory said. Best practices require devices to generate a unique password out of the box. It said the hackers likely gained access to the affected devices by “exploiting cybersecurity vulnerabilities, including poor password security and Internet connectivity.”

Experts say many water utilities have paid insufficient attention to cybersecurity.

In response to the Aliquippa hack, three Pennsylvania congressmen wrote a letter asking the U.S. Department of Justice to investigate. Americans should know that their drinking water and other infrastructure is safe from “nation-state adversaries and terrorist organizations,” said US Sens. John Fetterman and Bob Casey and US Rep. Chris Deluzio.

Cyber Avengers claimed in an October 30 social media post that they had hacked 10 water treatment stations in Israel, although it was unclear whether they shut down any equipment.

Since the beginning of the Israel-Hamas war, the group has expanded and intensified its targeting of Israeli critical infrastructure, said Check Point’s Sergei Shykevich. Before October 7, Iran and Israel were engaged in a low-level cyber conflict.

Unitronics did not respond to AP’s questions about the hack.

The attack came less than a month after a federal appeals court decision that prompted the EPA to rescind a rule that required U.S. public water systems to include cybersecurity testing in their regular federally mandated audits. The rollback was triggered by a federal appeals court decision in a case brought by Missouri, Arkansas and Iowa, and joined by a water utility trade group.

The Biden administration is trying to strengthen the cybersecurity of critical infrastructure – more than 80% of which is privately owned – and has imposed regulations on sectors including electric utilities, gas pipelines and nuclear facilities. But many experts complain that too many important industries have been allowed to self-regulate.

Frank Bajak and Mark Levy, The Associated Press

Source: ca.finance.yahoo.com