Following a recent cyberattack at a Pennsylvania water utility, federal officials have confirmed that multiple additional water utilities in the US running the same industrial equipment have been breached by hackers, two people briefed on the matter told CNN.
The federal Cybersecurity and Infrastructure Security Agency briefed Senate and House staffers on the situation on Thursday and revealed that hackers had breached computers at “less than 10” water facilities in different parts of the US, one of the sources told CNN. In each case, the equipment targeted was the same Israeli-made computer system that allows machinery to communicate at water and other industrial facilities.
The incidents have not led to any disruptions at the water facilities or threatened drinking water, but they have concerned US officials because they have required little skill to execute. The hackers have defaced computer screens at the water facilities in opportunistic, low-level attacks, one of the sources told CNN.
Later Friday, US and Israeli authorities issued an advisory confirming that hackers had “accessed multiple US-based” water facilities that operate the Israeli-made equipment, likely by breaking into internet-connected devices with default passwords. The US and Israeli government agencies blamed hackers affiliated with the Islamic Revolutionary Guard Corps, a military branch of the Iranian government, for the activity.
CNN has reached out to the Iranian Permanent Mission to the United Nations for comment.
The spree of hacks burst into public view a week ago when a water utility outside of Pittsburgh said that apparently pro-Iran hackers breached equipment that the utility uses to manage water pressure and displayed an anti-Israel message on the computer screen. The hacking group whose logo displayed on the screen has a history of pro-Iranian operations and appears…
Read the full article here