Breaking, firstnews570, Technology

Hackers Succeed in Compromising Public Water Facilities

Wednesday, November 29, 2023Wednesday, November 29, 2023By William Mapp
0
Hackers Succeed in Compromising Public Water Facilities

Hack attacks on public infrastructure have become frighteningly successful. Criminals, they should be called criminals, have successfully compromised two municipal water facilities providing drinking water to over 2 million residents.

Residents in Western Pennsylvania and Texas are affected.

The Municipal Water Authority of Aliquippa in western Pennsylvania reactively shutdown a pump that delivered water from its treatment plants to households after discovering the hack. The hack wasn’t executed on a regular computer, but on a specialized, industrial computer called a Programmable Logic Controller, or PLC.

PLCs are purpose built computers designed to automate hardware functions. PLCs are frequently used in running critical infrastructure for our utilities. The Beaver Countian shared a picture with news media showing off the hack. (The picture is protected, please link to the story and support their publication)

This particular PLC is manufactured by Unitronics. An Israeli firm with offices in Maine and New Jersey.

Iranian Hackers Take Credit

An Iranian government backed hacking group, Cyber Av3ngers, has taken credit for the hack. The group has exploited Unitronics PLCs in 10 Israeli water treatment plants.

Limited Attack Surface

The Aliquippa water facility is an old one. It was built in the 1930s and many treatment processes are still done manually. Because so much is done manually, the attack had a limited scope and a limited impact. No water was contaminated in the attack. Automated, downstream systems reported the faulty PLC and sent alerts to appropriate personnel.

Aliquippa contacted the FBI and the Pennsylvania State Police after discovering the breach.

Remember to always take security seriously. We should also give pause to an over reliance on technology when it comes to critical components in infrastructure. Automation is great, but in many cases manual operations can be highly available alternatives. Imagine if the Aliquippa water facility was fully automated using this equipment. Like the new one they are building.