Security News > 2023 > November > Hackers breach US water facility via exposed Unitronics PLCs
CISA is warning that threat actors breached a U.S. water facility by hacking into Unitronics programmable logic controllers exposed online.
PLCs are crucial control and management devices in industrial settings, and hackers compromising them could have severe repercussions, such as water supply contamination through manipulating the device to alter chemical dosing.
CISA confirmed that hackers have already breached a U.S. water facility by hacking these devices.
"Cyber threat actors are targeting PLCs associated with WWS facilities, including an identified Unitronics PLC, at a U.S. water facility," reads CISA's alert.
"In response, the affected municipality's water authority immediately took the system offline and switched to manual operations-there is no known risk to the municipality's drinking water or water supply."
While CISA's advisory did not specify the threat actor behind the attacks, Cyberscoop reported that a recent hack on the Municipal Water Authority of Aliquippa, Pa., was conducted by Iranianian attackers.
News URL
Related news
- US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers (source)
- US lawmakers seek answers on alleged Salt Typhoon breach of telecom giants (source)
- USDoD hacker behind National Public Data breach arrested in Brazil (source)
- US says Chinese hackers breached multiple telecom providers (source)
- Schneider Electric confirms dev platform breach after hacker steals data (source)
- Nokia investigates breach after hacker claims to steal source code (source)
- US indicts Snowflake hackers who extorted $2.5 million from 3 victims (source)
- Hacker gets 10 years in prison for extorting US healthcare provider (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- US space tech giant Maxar discloses employee data breach (source)