Security News > 2023 > December > CyberAv3ngers hit Unitronics PLCs at multiple US-based water facilities

CyberAv3ngers hit Unitronics PLCs at multiple US-based water facilities
2023-12-04 13:46

Iran-affiliated attackers CyberAv3ngers continue to exploit vulnerable Unitronics programmable logic controllers, US and Israeli authorities have said in a joint cybersecurity advisory.

CyberAv3ngers targeting Unitronics PLCs. CISA has recently confirmed that Iran-affiliated attackers took over a Unitronics Vision Series PLC at a water system facility in Pennsylvania, and urged other water authorities to promptly secure their Unitronics PLCs. The agency has advised them to change the default password and port used by the PLC, disconnect it from the open internet or secure remote access by using firewall, VPN and multi-factor authentication, create configuration backups, and update the PLC/HMI to the latest available version.

CyberAv3ngers has previously claimed responsibility for numerous attacks against critical infrastructure organizations in Israel working in the water, energy, shipping, and distribution sectors, and only recently targeted Unitronics PLCs deployed by multiple US-based water and wastewater facilities.

The UK National Cyber Security Centre says that the compromise of the PLCs is "Highly unlikely" to disrupt routine operations of affected organizations.

The agencies repeated CISA's initial risk mitigation advice and urged organizations to apply it to all internet-facing PLCs, not just those manufactured by Unitronics.

Several other groups engaged in website defacements and leaks of data ostensibly stolen from US companies, as well as the hacking of CCTV systems at several US airports and targeting pipeline and electrical systems in the US. "As tensions in the Middle East continue, the likelihood of ongoing cyberattacks by these groups, particularly against US targets, remains high. This trend represents a significant evolution in the nature of cyber warfare, transcending traditional geopolitical boundaries," the researchers concluded.


News URL

https://www.helpnetsecurity.com/2023/12/04/cyberav3ngers-unitronics-plcs/