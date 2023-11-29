Municipal Water Authority of Aliquippa (MWAA), a water utility in the state of Pennsylvania, has entered a federal and state investigation after a breach in one of its equipment by pro-Iran hacking group Cyber Av3ngers.\n\nOn Friday, the attackers breached a piece of Israeli-made equipment used by the water utility, calling it \u201cfair game\u201d amid the ongoing Israeli-Hamas war. The breach has caused one of its water pump stations to be operated manually until the automated systems are operational again.\n\n\u201cI am closely monitoring this cyberattack on the Municipal Water Authority of Aliquippa,\u201d said Congressman Chris Deluzio in a statement. \u201cFederal officials are assisting the investigation, and I remain ready to help with federal agencies.\u201d\n\nThe hack is reportedly limited to only one machine at the station that boosts water pressure for two nearby townships and has no impact on water quality or service. MWAA authority did not respond to email queries seeking further details about the attack.\n\nCritical systems attack draws federal attention\n\nOfficials notified of a communication failure at the victim station found a hack notice on the computer controlling the pumps that said, \u201cEvery equipment made in Israel is Cyber Av3ngers legal target.\u201d MWAA, which serves about 15,000 people in the Pittsburgh area has reportedly decided to replace the Israeli-made equipment as a precaution.\n\n\u201cThat was maybe the furthest thing from my mind,\u201d Robert J Bible, general manager of MWAA said in an interview with CNN about getting caught in the crossfire of the Middle Eastern war. \u201cEspecially for a community. We only serve 15,000 people. You wouldn\u2019t put two and two together.\u201d\n\nThe attack enabling pro-Iran hackers\u2019 direct access to US critical systems has triggered federal and state investigations into the incident. MWAA has handed the FBI a digital copy of the hacked industrial equipment and the latter is in regular touch with the utility authority.\n\n\u201cAttacks on our critical infrastructure like water are unacceptable,\u201d Deluzio said in the statement. \u201cI intend to push for a full investigation here and accountability for the attackers, and I will continue the important bipartisan work on the House Armed Services Cyber, Information Technologies, and Innovation (CITI) Subcommittee to shore up America's defenses.\u201d\n\nWater system hacks are the group\u2019s specialty\n\nCyber Av3ngers, which has already compromised dozens of Israeli water systems, targeted the water authority by hacking into water pressure monitoring equipment manufactured by Israel-based technology company Unitronics. Despite the attack, operations at the water authority have not been disrupted as it utilized manual tools after shutting down its automated system.\n\nThis isn\u2019t Cyber Av3ngers\u2019 first time with water systems as they claimed responsibility for at least a dozen Israeli water treatment stations on their account on X on Oct 30, 2023.\n\n\u201cOnce we obtained access to their network, established to manipulate, wipe and destruct all industrial equipment such as SCADA systems, PLCs, sensors and HMIs,\u201d Cyber Av3ngers said in a post on X.\n\n\u201cCyber Av3ngers is an Iran government-affiliated hacktivist group which operates for a long time on and off, along different telegram channels focusing on Israeli targets,\u201d said Sergey Shykevich, Threat Intelligence Group Manager at Check Point Research. \u201cThe main goal of the group is information operations, while as part of it, the group mostly tries to target critical infrastructure in areas of electricity, transportation, and water supply.\u201d\n\nAs part of their modus operandi, the group focuses on the exploitation of Microsoft Exchange vulnerabilities as an initial intrusion vector, Shykevich added.