Current:Home > InvestCongressmen ask DOJ to investigate water utility hack, warning it could happen anywhere-Angel Dreamer Wealth Society D1 Reviews & Insights
Congressmen ask DOJ to investigate water utility hack, warning it could happen anywhere
View Date:2024-12-23 18:34:30
HARRISBURG, Pa. (AP) — Three members of Congress have asked the U.S. Justice Department to investigate how foreign hackers breached a water authority near Pittsburgh, prompting the nation’s top cyberdefense agency to warn other water and sewage-treatment utilities that they may be vulnerable.
In a letter released Thursday, U.S. Sens. John Fetterman and Bob Casey and U.S. Rep. Chris Deluzio said Americans must know their drinking water and other basic infrastructure is safe from “nation-state adversaries and terrorist organizations.”
“Any attack on our nation’s critical infrastructure is unacceptable,” Fetterman, Casey and Deluzio wrote in their letter to Attorney General Merrick Garland. “If a hack like this can happen here in western Pennsylvania, it can happen anywhere else in the United States.”
The compromised industrial control system was made in Israel, and a photo from the Municipal Water Authority of Aliquippa, Pennsylvania, suggests the “hackivists” deliberately targeted that facility because of the equipment’s link to Israel. The image of the device screen shows a message from the hackers that said: “Every equipment ‘made in Israel’ is Cyber Av3ngers legal target.”
A group using that name used identical language on X, formerly Twitter, and Telegram on Sunday. The group claimed in an Oct. 30 social media post to have hacked 10 water treatment stations in Israel, though it is not clear if they shut down any equipment.
Casey’s office said it was told by U.S. officials that they believe Cyber Av3ngers is indeed behind the attack. The Aliquippa water authority’s chairman, Matthew Mottes, said federal officials told him that hackers also breached four other utilities and an aquarium.
“We’ve been told that we are not the only authority that’s been affected in the country, but we are believed to be the first,” Mottes said in an interview.
Leading cybersecurity companies Check Point Research and Google’s Mandiant have identified Cyber Av3ngers as hacktivists aligned with Iran’s government.
Since the beginning of the Israel-Hamas war, the group has expanded and accelerated targeting Israeli critical infrastructure, said Check Point’s Sergey Shykevich. Iran and Israel were engaged in low-level cyberconflict prior to the Oct. 7 Hamas attack on Israel and cybersecurity experts have said they expected a rise in hacktivism in response to Israel’s attacks in Gaza.
The device breached in Pennsylvania was made by Israel-based Unitronics, according to the U.S. Cybersecurity and Infrastructure Security Agency. Known as a programmable logic controller, it is used across a wide spectrum of industries including water and sewage-treatment utilities, electric companies and oil and gas producers. It regulates processes including pressure, temperature and fluid flow, according to the manufacturer.
Unitronics has not responded to queries about what other facilities with its equipment may have been hacked or could be vulnerable.
Experts say many water utilities have paid insufficient attention to cybersecurity.
In Pennsylvania, the hack prompted the water authority to temporarily halt pumping Saturday in a remote station that regulates water pressure for customers in two nearby towns. Crews took the system offline and switched to manual operation, officials said.
The attack came less than a month after a federal appeals court decision prompted the Environmental Protection Agency to rescind a rule that would have obliged U.S public water systems to include cybersecurity testing in their regular federally mandated audits. The rollback was triggered by a federal appeals court decision in a case brought by Missouri, Arkansas and Iowa, and joined by a water utility trade group.
The Biden administration has been trying to shore up cybersecurity of critical infrastructure — more than 80% of which is privately owned — and has imposed regulations on sectors including electric utilities, gas pipelines and nuclear facilities. But many experts complain that too many vital industries are permitted to self-regulate.
In its warning Tuesday, the U.S. cybersecurity agency said attackers likely breached the Unitronics device “by exploiting cybersecurity weaknesses, including poor password security and exposure to the internet.”
Mottes said he doesn’t know how the device in Aliquippa was hacked, but that he trusted the federal agency’s judgment.
veryGood! (93)
Related
- What happens to Donald Trump’s criminal conviction? Here are a few ways it could go
- Get Glowing Skin and Save 48% On These Top-Selling Peter Thomas Roth Products
- Lina Khan is taking swings at Big Tech as FTC chair, and changing how it does business
- Why does the Powerball jackpot increase over time—and what was the largest payout in history?
- Sister Wives’ Kody Brown Explains His Stance on His Daughter Gwendlyn Brown’s Sexuality
- A Silicon Valley lender collapsed after a run on the bank. Here's what to know
- Shein lawsuit accuses fast-fashion site of RICO violations
- Here Are 15 LGBTQ+ Books to Read During Pride
- Prosecutor failed to show that Musk’s $1M-a-day sweepstakes was an illegal lottery, judge says
- Warming Trends: Radio From a Future Free of Fossil Fuels, Vegetarianism Not Hot on Social Media and Overheated Umpires Make Bad Calls
Ranking
- 'Joker 2' actor pans DC sequel as the 'worst film' ever: 'It has no plot'
- Finding Bright Spots in the Global Coral Reef Catastrophe
- The Most Unforgettable Red Carpet Moments From BET Awards
- Most Agribusinesses and Banks Involved With ‘Forest Risk’ Commodities Are Falling Down on Deforestation, Global Canopy Reports
- Off the Grid: Sally breaks down USA TODAY's daily crossword puzzle, Mixed Use
- Arnold Schwarzenegger Is Full Speed Ahead With Girlfriend Heather Milligan During Biking Date
- The Home Edit's Clea Shearer Shares the Messy Truth About Her Cancer Recovery Experience
- First lawsuit filed against Pat Fitzgerald, Northwestern leaders amid hazing scandal
Recommendation
-
Horoscopes Today, November 10, 2024
-
We Bet You Didn't Know These Stars Were Related
-
In Three Predominantly Black North Birmingham Neighborhoods, Residents Live Inside an Environmental ‘Nightmare’
-
Kim Kardashian Shares Twinning Photo With Kourtney Kardashian From North West's Birthday Party
-
UConn, Kansas State among five women's college basketball games to watch this weekend
-
As Powerball jackpot rises to $1 billion, these are the odds of winning
-
Biden Administration Unveils Plan to Protect Workers and Communities from Extreme Heat
-
We found the 'missing workers'