While the water supply remained unharmed, the Municipal Water Authority of Aliquippa in Pennsylvania verified that assailants seized control of a boost train system during the weekend.
The company caters to over 6,600 users in Aliquippa and parts of Hopewell, Raccoon, and Potter Townships, providing water and sewage services.
An official from the water authority revealed that the compromised system is linked to a boost train responsible for monitoring and regulating water pressure in Raccoon and Potter Townships.
Upon detection of the breach through an alarm, the Aliquippa utility promptly shut down the affected system to mitigate any risks. Fortunately, the water source and quality remained unaffected, as confirmed by the water agency’s spokesperson.
The attack has been claimed by an Iranian hacktivist group known as Cyber Av3ngers, targeting the industrial control system (ICS) manufactured by the Israeli company Unitronics, particularly focusing on the Unitronics Vision system, which consists of a programmable logic controller (PLC) with an integrated human-machine interface (HMI). Vulnerabilities in Unitronics Vision products have been identified as potential entry points for such attacks.
The accessibility of HMIs without proper authentication makes them an easy target for novice threat actors, as highlighted by the hackers’ successful intrusion.
In the midst of escalating tensions between Israel and Hamas, the Cyber Av3ngers group has allegedly breached multiple water treatment facilities in Israel since October 7. However, their track record of exaggeration and dissemination of fake data raises doubts about the actual impact of their actions.
Hacktivist organizations often target industrial control systems due to their critical nature and the potential for widespread repercussions. Despite their lack of expertise in specific systems, hackers can manipulate parameters through HMIs to disrupt physical processes, exploiting the lax security measures in place.
While hacktivist groups tend to sensationalize their achievements, experts caution against underestimating the potential risks posed by such attacks.
The involvement of federal authorities in the investigation remains unclear, although Pennsylvania State Police have been notified of the incident at the Aliquippa water facility.
Attacks on the water sector, particularly targeting ICS at liquid facilities, have become increasingly prevalent, prompting the provision of free risk monitoring services to industry organizations by the US government agency CISA.
