Security News > 2023 > November > Hackers breach US water facility via exposed Unitronics PLCs
CISA is warning that threat actors breached a U.S. water facility by hacking into Unitronics programmable logic controllers exposed online.
PLCs are crucial control and management devices in industrial settings, and hackers compromising them could have severe repercussions, such as water supply contamination through manipulating the device to alter chemical dosing.
CISA confirmed that hackers have already breached a U.S. water facility by hacking these devices.
"Cyber threat actors are targeting PLCs associated with WWS facilities, including an identified Unitronics PLC, at a U.S. water facility," reads CISA's alert.
"In response, the affected municipality's water authority immediately took the system offline and switched to manual operations-there is no known risk to the municipality's drinking water or water supply."
While CISA's advisory did not specify the threat actor behind the attacks, Cyberscoop reported that a recent hack on the Municipal Water Authority of Aliquippa, Pa., was conducted by Iranianian attackers.
News URL
Related news
- Chinese Earth Krahang hackers breach 70 orgs in 23 countries (source)
- Russia Hackers Using TinyTurla-NG to Breach European NGO's Systems (source)
- US sanctions APT31 hackers behind critical infrastructure attacks (source)
- Hackers exploit Ray framework flaw to breach servers, hijack resources (source)
- Finland confirms APT31 hackers behind 2021 parliament breach (source)
- A “cascade” of errors let Chinese hackers into US government inboxes (source)
- U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers (source)
- US cancer center data breach exposes info of 827,000 patients (source)
- US Health Dept warns hospitals of hackers targeting IT help desks (source)
- Microsoft breach allowed Russian spies to steal emails from US government (source)