×

Irish Information Security Forum

Did hacker group Cyber Av3ngers target Erris water Supply?

Source: Western People
Release Date: 7th December 2023

 

Approx 160 households to a private group water scheme in the Erris area of County Mayo were left without water for a couple of days last week due to what was explained to be the cause of a cyberattack perpetrated by a pro-Iran hacking group targeting a piece of equipment manufactured in Israel.

 

The outage was as a result of the exploitation of a vulnerability in a programmable logic controller connected to a Eurotronics Israeli-made water pumping system. The incident appears to be linked to the Cyber Av3ngers group, who local media reported had left a message on the affected computer network saying it had been conducted because the water system used the Israel-made Unitronics tool.

 

Our caretaker went down and when he got to the pumphouse, up on the screen was a sign ‘You have been hacked’. Down with Israel was written on it and the name of the group that hacked us,
Noel Walsh, a member of the group water scheme, said.

 

 

Last month, the U.S. federal government warned that it was responding to the active exploitation of Unitronics programmable logic controllers (PLCs) that are used by many organizations in the water sector. The same PLCs are likely in use in other industries, including energy, food and beverage manufacturing, and healthcare. The devices are often exposed to the internet due to the remote nature of their control and monitoring functionalities, authorities and cybersecurity researchers have said.

 

Programmable-logic-controller-Vision-1040-by-Unitronics-front-1..webp

 

Among those affected in the U.S. was the Municipal Water Authority of Aliquippa — which serves thousands of customers in communities northwest of Pittsburgh.  On Monday, the U.S. Cybersecurity and Infrastructure Security Agency added the Unitronics bug to its Known Exploited Vulnerabilities catalog, assigning it CVE-2023-6448.

 

The advisory warned that “Unitronics Vision Series PLCs and HMIs [Human Machine Interfaces] use default administrative passwords. An unauthenticated attacker with network access to a PLC or HMI can take administrative control of the system,” the agency said.

 

References:-


 

 

 

IISF Logo

If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
IISF Secretary:

By email:
secretary@iisf.ie

By post:

David Cahill

Information Security

GPO, 1-117
D01 F5P2

Enhance your Cybersecurity knowledge and learn from those at the coalface of information Security in Ireland

 


Forum SPONSORS 

Invitations for Annual Sponsorship of IISF has now reopened.

Sponsorship of IISF Opportunity
(your logo & profile link here)

 

Sponsors are featured prominently throughout the IISF.IE website, social media channels as well as enjoying other benefits Read more

 

secured by edgescan digital security radar logo

© iiSf. All rights reserved. CRN: 3400036GH  - Privacy  - Sponsorship  - Cybersecurity News Index  - Cybersecurity Resources  - X  - Produced by
LinkedIn Twitter