Skip to content

Another Cyberattack on Critical Infrastructure and the Outlook on Cyberwarfare

December 8, 2023 – Published on InformationWeek

CyberAv3ngers, an Iranian Government Islamic Revolutionary Guard Corps (IRGC)-affiliated group, claimed credit for a Nov. 25 cyberattack on the Municipal Water Authority of Aliquippa in Pennsylvania. The threat group hacked a system with Israeli-owned parts at one of the water authority’s booster stations. The booster station was able to shut down the impacted system, which monitors water pressure, and switch to manual operations.

CyberAv3ngers hacked a system known as Unitronics. During the attack, the following message appeared on the screen at the booster station:  “You Have Been Hacked. Down With Israel, Every Equipment ‘Made In Israel’ Is CyberAv3ngers Legal Target.”

The Cybersecurity and Infrastructure and Security Agency (CISA) released a cybersecurity advisory on IRGC-affiliated actors’ exploitation of programmable logic controllers (PLCs) in multiple sectors. Unitronics PLCs are commonly used in water and wastewater systems, according to the advisory. PLCs operate with a human machine interface (HMI).

CyberAv3ngers is just one among many nation state-backed groups that will continue to target critical infrastructure. These types of attacks incite fear, disrupt vital operations, and have the potential to cost lives.

Critical infrastructure entities must face risk of attack on both IT and operational technology (OT). The North Texas Municipal Water District was recently a victim of a ransomware attack, which impacted its phone and business computer systems. Critical infrastructure can work around compromised business systems, according to Christopher Warner, an industrial control systems (ICS)/OT expert with GuidePoint Security, a cybersecurity consulting services company. “If they came in the control side on the water district itself, they could shut it down,” he explains.

Read More HERE.