The U.S. Cybersecurity and Infrastructure Security Agency is currently probing a cyber attack carried out by the Iranian hacking group “Cyber Av3ngers” on a small municipal water authority in Pennsylvania. Officials have revealed that the group targeted the authority due to its utilization of software owned by Israel.
The Municipal Water Authority of Aliquippa has officially confirmed that it fell victim to a breach last Saturday. This breach led to the shutdown of a supply pump responsible for providing drinking water to various municipalities, including a town in the Pittsburgh metropolitan area with almost 3,000 residents, according to U.S. Census data.
The water authority relies on pressure-monitoring equipment developed by the Israeli technology company Unitronics. When the cyberattack took place, a small Unitronics device in the Pennsylvania facility displayed a bright red message that stated: “You have been hacked. Down with Israel. Every equipment ‘made in Israel’ is Cyber Av3ngers legal target.”
Following the intrusion, alerts were sent to the U.S. Department of Homeland Security, prompting on-call municipal workers to act swiftly during the holiday weekend. Their efforts were focused on shutting down automated systems and resorting to manual operations.
Robert Bible, an official from the water authority in the Pittsburgh area, reassured the public that local water service remained undisrupted, and the water quality was unaffected by the incident.
This cyberattack is among a limited number of known incidents targeting American water systems. Earlier this year, the Biden administration made an attempt to force water systems to assess their cybersecurity risk using existing regulatory authorities. However, this effort was halted following a court ruling (see: US EPA Nixes Cybersecurity Assessments of Water Systems).
Check Point Research, a cybersecurity firm, reported that the threat group, which typically focuses on exploiting Microsoft Exchange vulnerabilities to target Israeli entities, initiated a new campaign in October to recruit additional hackers, aiming to expand its cyber operations.
Matthew Mottes, chairman of the Aliquippa water authority, clarified to local news outlets that the hackers did not gain access to the water treatment plant itself. This is because the Unitronics system operates on a separate computer system that is isolated from the primary network.
In response to the cyberattack, Representative Chris Deluzio, a Democrat from Pennsylvania, has called for a “full investigation and prosecution of the hackers.” In a statement posted on his Facebook page on Tuesday, he emphasized that the incident serves as a “terrible reminder that our adversaries are targeting our critical infrastructure.”