Pro-Iran threat actors hacked US water utility

An Iranian-backed hacktivist group known as Cyber Av3ngers hijacked a system associated with a booster station of a small municipal water authority in Pennsylvania.

According to the local media, the incident has had no impact on water quality or service. The hack was limited to one machine at a station that boosts water pressure for two nearby townships, and it was quickly contained.

Matthew Mottes, the chairman of the board of directors for the Municipal Water Authority of Aliquippa, said that the attackers had not gained access to the water treatment plant itself because the hacked pressure-monitoring equipment is separated from the main network.

The hackers took control of a programmable logic controller (PLC) with an integrated human-machine interface (HMI) made by Israeli company Unitronics.

Pennsylvania State Police is currently investigating the incident. The US Cybersecurity and Infrastructure Security Agency also said it is responding to the attack.

In related news, the North Texas Municipal Water District (NTMWD), a water utility serving two million people in North Texas, has suffered a cyber incident that affected its business computer network. However, core water, wastewater, and solid waste services have not been impacted by the attack.

On Monday, the cybercrime group known as Daixin Team added NTMWD to the list of victims on its dark web leak site. The gang claims to have stolen sensitive data from the company, including board meeting minutes, internal project documentation, personnel details, and audit reports, and threatens to leak it.

