Aliquippa, Pennsylvania – In the wake of a recent cyberattack on a water utility in Pennsylvania, federal officials have confirmed that multiple additional water utilities in the US have also been breached by hackers. This revelation has raised concerns among US officials as the cyberattacks have required little skill to execute and been attributed to hackers affiliated with the Islamic Revolutionary Guard Corps, a military branch of the Iranian government.
The affected utilities were discovered to be running the same Israeli-made computer system that allows machinery to communicate at water and other industrial facilities. The hackers have defaced computer screens at the water facilities in opportunistic, low-level attacks.
The incidents have not led to any disruptions at the water facilities or threatened drinking water, but they have still concerned US officials. The US and Israeli government agencies have blamed the hackers affiliated with the Islamic Revolutionary Guard Corps for the activity.
The hacking spree came to light a week ago when the Municipal Water Authority of Aliquippa, serving about 15,000 people, fell victim to the cyberattack. The hackers breached equipment used to manage water pressure and displayed an anti-Israel message on the computer screen.
In response to this alarming trend, federal investigators have been probing multiple hacks of water facilities across the country. The water utilities have been advised by CISA, FBI, private experts, and water industry executives to take their industrial equipment off the internet to prevent further hacks.
The Pittsburgh-area water utility, which was one of the targets, handed over the hacked equipment to the FBI and has been operating one of its pump stations in manual mode until the equipment can be replaced.
Meanwhile, Rep. Chris Deluzio, whose district includes the Aliquippa water authority, has received a classified briefing on the water hack from federal officials and stated that it should be a wakeup call. “Our adversaries don’t care who runs critical infrastructure,” Deluzio said. “If they can get in through the weakest link — and [if] that’s a small municipal authority or a private vendor — that’s what they’re going to target.”
The US water sector, which spans 150,000 public water systems, has often struggled to find the resources needed to deal with hacking threats. Deluzio emphasized the importance of bolstering cybersecurity at local water utilities, recognizing them as the frontline cyber warriors in many cases.
This story is still developing, and additional information continues to emerge.