HARRISBURG, Pa. (AP) — Three members of Congress have asked the U.S. Justice Department to investigate how foreign hackers breached a water authority near Pittsburgh, prompting the nation’s top cyberdefense agency to warn other water and sewage-treatment utilities that they may be vulnerable.
On Thursday, Senators John Fetterman and Bob Casey and Representative Chris Deluzio released a statement emphasizing the importance of ensuring the safety of drinking water and other essential infrastructure from potential threats posed by nation-state adversaries and terrorist groups.
Fetterman, Casey, and Deluzio expressed in their letter to Attorney General Merrick Garland that any assault on the crucial systems of our country is not tolerable. They emphasized that if a cyber attack can occur in western Pennsylvania, it is also possible in other parts of the United States.
The affected industrial control system was manufactured in Israel. A photograph obtained from the Municipal Water Authority of Aliquippa, Pennsylvania, indicates that the “hacktivists” specifically chose to target this facility due to its connection to Israel. The screen on the device displayed a message from the hackers stating that any equipment made in Israel is a legitimate target for the Cyber Avengers.
The group, known as [name], utilized the same wording on X (previously known as Twitter) and Telegram on Sunday. In a post on social media on Oct. 30, the group asserted that they had hacked 10 water treatment facilities in Israel, but it is uncertain if they caused any equipment to cease functioning.
The U.S. officials informed Casey’s office that they suspect Cyber Av3ngers to be responsible for the attack. Matthew Mottes, the chairman of Aliquippa water authority, stated that federal officials informed him that the hackers had also infiltrated four other utilities and an aquarium.
During an interview, Mottes stated that although other authorities in the country have also been impacted, it is believed that we were the first to experience this.
Cybersecurity experts from Check Point Research and Google’s Mandiant have determined that Cyber Av3ngers is a group of hacktivists that are affiliated with the government of Iran.
According to Sergey Shykevich of Check Point, the Israel-Hamas conflict has led to an increase in the targeting of Israeli critical infrastructure by the group. Prior to the October 7th attack by Hamas, there was already ongoing cyber conflict between Iran and Israel. Experts in cybersecurity predicted a surge in hacktivism following Israel’s attacks in Gaza.
The piece of equipment that was compromised in Pennsylvania was created by Unitronics, a company based in Israel. This information was reported by the U.S. Cybersecurity and Infrastructure Security Agency. The device, called a programmable logic controller, is commonly used in various industries such as water and sewage treatment, electric companies, and oil and gas production. Its function is to regulate processes such as pressure, temperature, and fluid flow, as stated by the manufacturer.
Unitronics has failed to provide information regarding potential hacking incidents or vulnerabilities of other facilities using their equipment.
According to experts, numerous water companies have not given enough consideration to protecting against cyber threats.
The water authority in Pennsylvania was forced to stop pumping on Saturday at a remote station that controls water pressure for customers in two nearby towns due to a hack. Officials stated that the system was taken offline and operated manually by crews.
The assault occurred within a month of a ruling by a federal appeals court which led to the Environmental Protection Agency retracting a regulation that would have required American public water systems to incorporate cybersecurity evaluations into their routine audits mandated by the government. This decision was prompted by a lawsuit brought forth by Missouri, Arkansas, and Iowa, along with support from a trade organization for water utilities.
The current administration under President Biden has been making efforts to strengthen the security of crucial infrastructure, the majority of which is owned by private entities. This has led to the implementation of regulations on various sectors such as electric utilities, gas pipelines, and nuclear facilities. However, some experts argue that there are still too many important industries that are allowed to regulate themselves.
The U.S. cybersecurity agency issued a warning on Tuesday stating that the attackers most likely gained access to the Unitronics device by taking advantage of cybersecurity vulnerabilities, such as weak passwords and internet exposure.
Mottes stated that he was unaware of the method used to hack the device in Aliquippa, but he had confidence in the judgment of the federal agency.