Security News > 2023 > November > Hackers breach US water facility via exposed Unitronics PLCs
CISA is warning that threat actors breached a U.S. water facility by hacking into Unitronics programmable logic controllers exposed online.
PLCs are crucial control and management devices in industrial settings, and hackers compromising them could have severe repercussions, such as water supply contamination through manipulating the device to alter chemical dosing.
CISA confirmed that hackers have already breached a U.S. water facility by hacking these devices.
"Cyber threat actors are targeting PLCs associated with WWS facilities, including an identified Unitronics PLC, at a U.S. water facility," reads CISA's alert.
"In response, the affected municipality's water authority immediately took the system offline and switched to manual operations-there is no known risk to the municipality's drinking water or water supply."
While CISA's advisory did not specify the threat actor behind the attacks, Cyberscoop reported that a recent hack on the Municipal Water Authority of Aliquippa, Pa., was conducted by Iranianian attackers.
News URL
Related news
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)
- Spain arrests suspected hacker of US and Spanish military agencies (source)
- Suspected NATO, UN, US Army hacker arrested in Spain (source)
- US health system notifies 882,000 patients of August 2023 breach (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- Hacker pleads guilty to SIM swap attack on US SEC X account (source)
- Chinese hackers use custom malware to spy on US telecom networks (source)
- Orange Group confirms breach after hacker leaks company documents (source)
- US drug testing firm says data breach impacted 3.3 million people (source)
- US drug testing firm DISA says data breach impacts 3.3 million people (source)