FBI probes Pennsylvania water utility hack by pro-Iran group

The Municipal Water Authority of Aliquippa (MWAA), a water utility in the state of Pennsylvania, is at the center of federal and state investigations after pro-Iran hacking group Cyber Av3ngers breached one of its pieces of equipment.

On Friday, the attackers breached a piece of Israeli-made equipment used by the water utility, calling it “fair game” amid the ongoing Israel-Hamas war. As a result of the breach, one of the utility's water pump stations is being operated manually until the automated systems are operational again.

“I am closely monitoring this cyberattack on the Municipal Water Authority of Aliquippa,” said Congressman Chris Deluzio in a statement. “Federal officials are assisting the investigation, and I remain ready to help with federal agencies.”

The hack is reportedly limited to a single machine at the station, which boosts water pressure for two nearby townships, and has had no impact on water quality or service. MWAA did not respond to email queries seeking further details about the attack.

Critical systems attack draws federal attention

Officials who were notified of a communication failure at the affected station found a hack notice on the computer controlling the pumps that said, “Every equipment made in Israel is Cyber Av3ngers legal target.” MWAA, which serves about 15,000 people in the Pittsburgh area, has reportedly decided to replace the Israeli-made equipment as a precaution.

“That was maybe the furthest thing from my mind,” Robert J Bible, general manager of MWAA, said in an interview with CNN about getting caught in the crossfire of the Middle Eastern war. “Especially for a community. We only serve 15,000 people. You wouldn’t put two and two together.”

The attack, which gave pro-Iran hackers direct access to US critical systems, has triggered federal and state investigations into the incident. MWAA has handed the FBI a digital copy of the hacked industrial equipment, and the FBI is in regular touch with the utility.

“Attacks on our critical infrastructure like water are unacceptable,” Deluzio said in the statement. “I intend to push for a full investigation here and accountability for the attackers, and I will continue the important bipartisan work on the House Armed Services Cyber, Information Technologies, and Innovation (CITI) Subcommittee to shore up America’s defenses.”

Water system hacks are the group’s specialty

Cyber Av3ngers, which has already compromised dozens of Israeli water systems, targeted the water authority by hacking into water pressure monitoring equipment manufactured by Israel-based technology company Unitronics. Despite the attack, operations at the water authority have not been disrupted, as it switched to manual tools after shutting down its automated system.

This isn’t Cyber Av3ngers’ first time targeting water systems: on Oct 30, 2023, the group claimed responsibility on its X account for attacks on at least a dozen Israeli water treatment stations.

“Once we obtained access to their network, established to manipulate, wipe and destruct all industrial equipment such as SCADA systems, PLCs, sensors and HMIs,” Cyber Av3ngers said in a post on X.

“Cyber Av3ngers is an Iran government-affiliated hacktivist group which operates for a long time on and off, along different Telegram channels focusing on Israeli targets,” said Sergey Shykevich, Threat Intelligence Group Manager at Check Point Research. “The main goal of the group is information operations, while as part of it, the group mostly tries to target critical infrastructure in areas of electricity, transportation, and water supply.”

As part of their modus operandi, the group focuses on the exploitation of Microsoft Exchange vulnerabilities as an initial intrusion vector, Shykevich added.
