The U.S. Cybersecurity and Infrastructure Security Company (CISA) uncovered that it is responding to a cyber attack that associated the active exploitation of Unitronics programmable logic controllers (PLCs) to focus on the Municipal H2o Authority of Aliquippa in western Pennsylvania.
The attack has been attributed to an Iranian-backed hacktivist collective recognised as Cyber Av3ngers.
“Cyber menace actors are targeting PLCs involved with [Water and Wastewater Systems] amenities, which includes an determined Unitronics PLC, at a U.S. water facility,” the company said.

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
“In reaction, the impacted municipality’s h2o authority right away took the procedure offline and switched to manual operations—there is no acknowledged risk to the municipality’s consuming drinking water or water supply.”
According to news reports quoted by the Drinking water Information Sharing & Evaluation Heart (WaterISAC), CyberAv3ngers is alleged to have seized manage of the booster station that screens and regulates force for Raccoon and Potter Townships.
With PLCs becoming applied in the WWS sector to observe a variety of stages and processes of water and wastewater remedy, disruptive attacks attempting to compromise the integrity of this sort of critical processes can have adverse impacts, protecting against WWS services from supplying accessibility to clear, potable drinking water.
To mitigate such attacks, CISA is recommending that businesses modify the Unitronics PLC default password, enforce multi-factor authentication (MFA), disconnect the PLC from the internet, again up the logic and configurations on any Unitronics PLCs to permit speedy recovery, and utilize most up-to-date updates.
Cyber Av3ngers has a record of targeting the critical infrastructure sector, declaring to have infiltrated as quite a few as 10 h2o cure stations in Israel. Past month, the group also claimed obligation for a important cyber assault on Orpak Devices, a well known company of gasoline station solutions in the place.
“Each individual Tools ‘Made In Israel’ Is Cyber Av3ngers Lawful Focus on,” the group claimed in a concept posted on its Telegram channel on November 26, 2023.
Found this report interesting? Comply with us on Twitter and LinkedIn to read additional special content material we put up.
Some areas of this post are sourced from:
thehackernews.com