The Cybersecurity and Infrastructure Protection Agency of the United States (CISA) is actively informing water infrastructure operators about the vulnerabilities of devices from the Israeli company, Unitronics. This comes after a November attack on Unitronics equipment used by a Pennsylvania water farming facility in the city of Alikvippa, reportedly conducted by the Iranian cyber group, Cyberav3NGERS, who are believed to be associated with IRGC.
Eric Goldstein, Executive Assistant Director of CISA for Cybersecurity, stated, “We will identify the operators using these devices and notify them to prevent possible invasions.”
Following the incident in Pennsylvania, several other water infrastructures in the United States have also confirmed cyber attacks. US officials, including representatives from the FBI and the Environmental Protection Agency (EPA), have noted a small number of affected institutions.
The main focus is on programmable logic controllers (PLC) from Unitronics, which are widely used in water supply, energy, the food industry, and healthcare. These devices are often connected to the internet for remote control and monitoring, making them vulnerable.
Currently, the threat appears to be limited. Goldstein emphasized that there have been no reported hacks on water treatment facility operating systems or impacts on the provision of drinking water to communities.
Officials have confirmed that hackers associated with IRGC have been exploiting vulnerabilities in Unitronics devices since November 22nd to target Israeli products.
In efforts to enhance cybersecurity in the water industry, the Biden administration began implementing a national cybersecurity strategy in March. However, the corresponding environmental memorandum for protection was recalled in October due to a lawsuit.
David Travers from the EPA stressed the importance of cybersecurity measures for water systems and refuted claims of high costs associated with such measures. He stated, “Without requirements and oversight in the field of cybersecurity, our water systems and the communities they serve will continue to be vulnerable.” Travers emphasized the urgent need for improved cybersecurity across the entire water sector.