Iran hacks US water system: Observation and implications of a terrorist attack on US soil

On November 25, 2023, the Municipal Water Authority of Aliquippa, PA had one of its booster stations hacked by an Iranian-backed cyber group, CyberAv3ngers. The booster station monitors and regulates pressure for customers within the City of Aliquippa and portions of two neighboring townships. An alarm went off as soon as the hack occurred, as the hackers apparently wanted to be found. The automation system has since been disabled. If the alarm had not been initiated, significant damage could have occurred. The Aliquippa case may be neither a “one-off” nor specific to the water sector, as the hack was against a control system vendor supplying PLCs to many infrastructures besides water. According to a Shodan search, there are more than 200 of the Unitronics PLCs in use in the US and more than 1,800 internationally. This makes “real-time” information sharing across all sectors critical. One wonders who else has been hacked. Responses to the November 26, 2023, LinkedIn note on this event showed that control system cyber security issues are not well understood by the IT and OT network security community. There are myriad chances for lessons learned. Will they be taken?

Control Systems Cybersecurity Expert, Joseph M. Weiss, is an international authority on cybersecurity, control systems and system security. Weiss weighs in on cybersecurity, science and technology, security emerging threats and more.