Iranian hackers to US infrastructure and threatening national security.

A recent hack at a small water company in western Pennsylvania has caused worry as hackers with links to Iran targeted American organisations, including the FBI, the Environmental Protection Agency, and the Cybersecurity and Infrastructure Security Agency (CISA). The cyber attackers focused on an Israeli-manufactured industrial control tool, raising concerns about loopholes in critical infrastructure, according to US and Israeli officials.

The FBI, EPA, CISA, and Israel's National Cyber Directorate released a notice describing the extent of the breach, which impacted several American states. The number of affected organisations was not disclosed; however, Matthew Mottes, the chairperson of the Municipal Water Authority of Aliquippa, announced that the hacktivist team also aimed at four other service providers and an aquarium.

Cyber experts predict more cyber threats from Iranian state-backed hackers and pro-Palestinian hacktivists following the attack by Hamas on Israel. Although there is no immediate proof of Iranian involvement, the same equipment used in water facilities - Unitronics' Vision Series programmable logic controllers - also poses a threat to other industries such as energy, food and healthcare.

The attackers, who call themselves "Cyber Av3ngers," reportedly have links to Iran's Islamic Revolutionary Guards Corps, which the US designated a foreign terrorist organization in 2019. These perpetrators have been targeting Unitronics devices since November 22nd, exploiting weaknesses in the form of default passwords and internet access.

The advisory highlighted the wider consequences, stating that the hacked devices control crucial processes in different industries, with the potential for "deeper cyber-physical effects on processes and equipment." The attackers left a digital note on the hacked device, proclaiming all equipment of Israeli origin "a lawful target."

Despite the growing number of threats, the advisory pointed out that numerous Unitronics devices use default passwords, a practice that cybersecurity experts do not recommend. The attackers probably took advantage of these vulnerabilities to access the affected devices.

Following the cybersecurity breach, three congressmen from Pennsylvania have urged the U.S. Justice Department to investigate. The incident underscores the need for improved cybersecurity measures, mainly for industries responsible for essential infrastructure. With the escalation of cyberattacks by nation-state adversaries and terrorist organizations, the efforts of the Biden administration to strengthen cybersecurity in critical infrastructure become more crucial.