CISA urges water facilities to secure their Unitronics PLCs

2023-11-30 15:01

News that Iran-affiliated attackers have taken over a programmable logic controller at a water system facility in Pennsylvania has been followed by a public alert urging other water authorities to immediately secure their own PLCs. "The cyber threat actors likely accessed the affected device-a Unitronics Vision Series PLC with a Human Machine Interface-by exploiting cybersecurity weaknesses, including poor password security and exposure to the internet," the Cybersecurity and Infrastructure Security Agency noted.

Finally, CISA says, organizations should back up the logic and configurations on any Unitronics PLCs, so that "In the event of being hit by ransomware", they can quickly reset the devices and restore the configurations.

The North Texas Municipal Water District was not so lucky, as it has apparently been hit by the ransomware gang Daixin Team and the attack affected their business network and phone system.

Cyber attackers targeting organizations in critical infrastructure sectors is nothing new: healthcare organizations, in particular, are under a constant barrage.

Organizations running water and wastewater systems are definitely in a disadvantaged situation, as they often have no IT/OT security team and just a small IT team with limited resources and training to keep systems secure and fight cyber attackers off.

At least in the US, CISA offers help in the form of free cyber vulnerability scanning and cybersecurity services.

News URL

https://www.helpnetsecurity.com/2023/11/30/water-system-secure-plcs/

#cisa #PLC