Cyberattack on Pennsylvania Water Authority Disrupts OT Gear

The booster station shut off its automated system and moved to a manual system once the alarms sounded the breach.

Israeli and Iranian flags clashing
Source: Zoonar GmbH via Alamy Stock Photo

This past weekend, the Aliquippa Municipal Water Authority, located in Pittsburgh, experienced a cyberattack after one of its booster stations was hacked by an Iranian-backed cyber group. 

The threat group, known as Cyber Av3ngers, hacked a system known as Unitronics, which has components that are Israeli-owned. The technology that monitors water pressure at the station shut down during the attack and a message appeared on the screen reading: "You Have Been Hacked. Down With Israel, Every Equipment 'Made In Israel' Is Cyber Av3ngers Legal Target."

The booster station that was attacked "monitors and regulates pressure for Raccoon and Potter Townships" according to Matthew Mottes, chairman of the board of directors for the Municipal Water Authority of Aliquippa, though he has stressed that there is no current risk to the drinking water or water supply.

The automated system was immediately shut down and operations resumed manually. CISA is now investigating the attack, and there are concerns about further attacks on critical infrastructure within the United States, in general.

According to the cyber group's profile on X (formerly known as Twitter), it has claimed responsibility for several attacks globally, including 10 Israeli water treatment stations in the wake of the Gaza war, though these cyberattacks haven't been verified.

"Given that critical infrastructure sectors like water and wastewater are increasingly targeted by nation-state threat actors seeking to cause disruption, it is crucial for organizations to stay ahead of the curve," stated Mark Toussaint, senior product manager and operational technology (OT) expert at OPSWAT, in an email. "We know the White House has initiated executive orders and national plans to bolster cybersecurity, and industry-specific regulators are publishing cybersecurity guidelines, but in the face of evolving cyber threats, it is imperative for organizations to take a proactive and comprehensive perimeter defense strategy."

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights