The US government has issued a warning to its allies that state-backed hackers from Iran and China are increasingly targeting critical infrastructure, with the most notable attacks against water systems.
The Cybersecurity and Infrastructure Security Agency (CISA) probed a number of Iranian attacks targeting Unitronic programmable logic controllers (PLC) used in water facilities.
China has also turned its attention to probing critical US infrastructure in what government officials claim could be practice for a wider playbook in the event of war between the US and China.
Targeting the weakest link in the chain
A public letter issued by Environment Protection Agency (EPA) Administrator, Michael Regan, and National Security Advisor, Jake Sullivan, said, “Disabling cyberattacks are striking water and wastewater systems throughout the United States. These attacks have the potential to disrupt the critical lifeline of clean and safe drinking water, as well as impose significant costs on affected communities.”
While the attack conducted by an Iranian-backed group did not affect the water supply at the targeted facility, a breach of the PLCs used to control the supply of water means that had the attack progressed further, the attackers could have contaminated the water, damaged the facility itself, or even turned off the municipal water supply.
Volt Typhoon is the most likely culprit behind the attacks carried out by China, with water facilities alongside power grids, port infrastructure, and at least one oil and gas pipeline. The letter continued, stating, “Federal departments and agencies assess with high confidence that Volt Typhoon actors are pre-positioning themselves to disrupt critical infrastructure operations in the event of geopolitical tensions and/or military conflicts.”
Water facilities in the US have long been an easy target for cyber attacks due to the critical underfunding, low staffing levels, and a general lack of cyber security. The Biden Administration recently announced that the burden of responsibility for cyber security should be shifted onto private enterprises that are best positioned to reduce the risks for small businesses and public institutions.
“In many cases, even basic cybersecurity precautions — such as resetting default passwords or updating software to address known vulnerabilities — are not in place and can mean the difference between business as usual and a disruptive cyberattack,” the letter stated.
Via Bloomberg
More from TechRadar Pro
- Hackers abuse API popularity to break into accounts and steal data
- Take a look at the best endpoint protection software on the market
- Almost half of IT teams are burnt out as a result of war rooms, as ‘blame game’ culture becomes the norm for most organizations
Nvidia GTC 2024 — all the updates as it happened
China’s chips are off the table – US considering Huawei sanctions over secretive chip network
“Sleep happens” – it’s time to stop micromanaging your nights, says sleep specialist
-
1Russian hacker group exploits Microsoft Windows feature in worldwide phishing attack -
2Microsoft report says UK is not prepared for the age of AI — barely any businesses are ‘resilient’ to cybercrime
-
3The end of ‘Hackintosh’ – how Apple is sounding the death knell for a once-thriving online community
-
4Leica could soon launch a compact travel camera we can actually afford
-
5Amazon drops the Google Pixel 8 and Pixel 8 Pro to a record-breaking low price
-
1My favorite MacBook Air of all time is on sale at Walmart – and I think I’d buy four if I could
-
2M3 MacBook Air said to lose 50% of its performance in clamshell mode – so much for that cool new dual-monitor setup you wanted
-
3The end of ‘Hackintosh’ – how Apple is sounding the death knell for a once-thriving online community
-
4Nvidia has virtually recreated the entire planet — and now it wants to use its digital twin to crack weather forecasting for good
-
5Nvidia is taking the Apple Vision Pro to the Omniverse
