Security News > 2023 > November > Hackers breach US water facility via exposed Unitronics PLCs
CISA is warning that threat actors breached a U.S. water facility by hacking into Unitronics programmable logic controllers exposed online.
PLCs are crucial control and management devices in industrial settings, and hackers compromising them could have severe repercussions, such as water supply contamination through manipulating the device to alter chemical dosing.
CISA confirmed that hackers have already breached a U.S. water facility by hacking these devices.
"Cyber threat actors are targeting PLCs associated with WWS facilities, including an identified Unitronics PLC, at a U.S. water facility," reads CISA's alert.
"In response, the affected municipality's water authority immediately took the system offline and switched to manual operations-there is no known risk to the municipality's drinking water or water supply."
While CISA's advisory did not specify the threat actor behind the attacks, Cyberscoop reported that a recent hack on the Municipal Water Authority of Aliquippa, Pa., was conducted by Iranianian attackers.
News URL
Related news
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)
- Hackers steal ZAGG customers' credit cards in third-party breach (source)
- US sanctions Chinese company linked to Flax Typhoon hackers (source)
- US Treasury hack linked to Silk Typhoon Chinese state hackers (source)
- Largest US addiction treatment provider notifies patients of data breach (source)
- Treasury hackers also breached US foreign investments review office (source)
- US sanctions Chinese firm, hacker behind telecom and Treasury hacks (source)
- Hackers game out infowar against China with the US Navy (source)
- HPE investigates breach as hacker claims to steal source code (source)
- CISA: Hackers still exploiting older Ivanti bugs to breach networks (source)