Aliquippa, Pennsylvania suffers cyberattack on booster station PLC

Nov. 30, 2023
A hacktivist group disabled the Unitronics programmable logic controller at a booster station operated by the Municipal Water Authority of Aliquippa.

The Municipal Water Authority of Aliquippa, Pennsylvania, suffered a cyberattack on Saturday, Nov. 25, that disabled a programmable logic controller (PLC) at one of the authority’s booster stations.

The Municipal Water Authority of Aliquippa provides water and wastewater services to over 6,600 customers in Pennsylvania. The affected booster station monitors and regulates pressure for the Raccoon and Potter Townships.

“They did not get access to anything in our actual water treatment plant — or other parts of our system — other than a pump that regulates pressure to elevated areas of our system,” Matthew Mottes, chairman of the authority, told BeaverCountian.com. “The booster station did what it was supposed to. It sent an alarm and we took control manually. Nobody was ever at risk.”

The authority reported that it immediately took the system offline and switched to manual operations, stressing that there was no known risk to the municipality’s drinking water. Federal authorities are now investigating the cyberattack.

On Nov. 28, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert about the PLC exploitation. CISA identified the compromised device as a Unitronics Vision Series PLC that had weak cybersecurity, including exposure to the internet.

According to local news channel KDKA News, the group behind the cyberattack identified itself as “Cyber Av3ngers,” a hacktivist group associated with Iran. The cyberattack left an image on the PLC’s control panel, including the words “down with Israel” and claiming that any equipment made in Israel is a target of the group. Unitronics, the company that provides the Vision Series PLC, is based in Israel.

CISA provided recommendations to secure water and wastewater facilities against the Unitronics PLC’s vulnerabilities. These tips are also helpful for many IT-compatible PLCs:

  • Change the Unitronics PLC default password (“1111”).
  • Require multifactor authentication for all remote access to the operational technology network.
  • Disconnect the PLC from direct internet exposure, or implement a firewall or gateway in front of the PLC to control network access.
  • Back up the logic and configurations of the PLCs to enable fast recovery.
  • If possible, use a transmission control protocol (TCP) port that is not the default Unitronics PLC port (TCP 20256), to better obscure the PLC from cyberattacks.
  • Update the PLC firmware to its latest version.
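
One way to verify the firewall recommendation above, as an added example that is not from CISA, Unitronics or the original article: this Python script audits an iptables-save style rule export and lists every rule that passes TCP traffic to the default Unitronics port (20256) from a source outside an approved management network. The rule lines are constructed sample data, the 10.20.30.0/24 engineering network is an assumption, and negated (`!`) matches are not handled.

```python
import ipaddress
import shlex

UNITRONICS_DEFAULT_PORT = 20256  # default Unitronics PLC TCP port named in the article
# Assumption: the only network allowed to reach PLCs (hypothetical engineering VLAN).
ALLOWED_SOURCES = [ipaddress.ip_network("10.20.30.0/24")]

# Constructed iptables-save excerpt, not taken from any real site.
SAMPLE_RULES = """\
-A FORWARD -p tcp -s 10.20.30.0/24 -d 192.168.50.10 --dport 20256 -j ACCEPT
-A FORWARD -p tcp -d 192.168.50.11 --dport 20256 -j ACCEPT
-A PREROUTING -i wan0 -p tcp --dport 20000:21000 -j DNAT --to-destination 192.168.50.12
-A FORWARD -p tcp -s 0.0.0.0/0 -d 192.168.50.13 --dport 443 -j ACCEPT
-A FORWARD -p tcp -s 203.0.113.0/24 -d 192.168.50.10 --dport 20256 -j DROP
"""

def _options(rule):
    """Return a dict of option -> value for one iptables-save rule line."""
    tokens = shlex.split(rule)
    return {t: tokens[i + 1] for i, t in enumerate(tokens[:-1]) if t.startswith("-")}

def _covers_port(spec, port):
    """True if an iptables port spec ('20256' or '20000:21000') includes port."""
    low, _, high = spec.partition(":")
    return int(low) <= port <= int(high or low)

def exposed_rules(rules_text, port=UNITRONICS_DEFAULT_PORT):
    """List rules that pass traffic to `port` from outside ALLOWED_SOURCES."""
    findings = []
    for line in rules_text.splitlines():
        opts = _options(line) if line.startswith("-A ") else {}
        if opts.get("-j") not in ("ACCEPT", "DNAT"):
            continue  # only rules that let traffic through are of interest
        if opts.get("-p", "all") not in ("tcp", "all"):
            continue
        # A rule without --dport matches every port.
        if not _covers_port(opts.get("--dport", "0:65535"), port):
            continue
        # A rule without -s matches every source address.
        src = ipaddress.ip_network(opts.get("-s", "0.0.0.0/0"), strict=False)
        if not any(src.subnet_of(net) for net in ALLOWED_SOURCES):
            findings.append(line)
    return findings

if __name__ == "__main__":
    for rule in exposed_rules(SAMPLE_RULES):
        print("PLC port reachable from untrusted source:", rule)
```

If the PLC has been moved off the default port as the list suggests, pass the new port number as the second argument to `exposed_rules`.
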
About the Author

Jeremy Wolfe

Jeremy Wolfe is a former Editor for WaterWorld magazine.
