Feds: Iran-linked hacking campaign a ‘clarion call’ for digital defenses | CyberScoop<\/title> <meta name=\"description\" content=\"A campaign targeting an Israeli device manufacturer highlights lax cyber protections in the water sector, top cybersecurity officials say.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/cisa-fbi-epa-water-unitronics\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Feds: Iran-linked hacking campaign a 'clarion call' for digital defenses\"> <meta property=\"og:description\" content=\"A campaign targeting an Israeli device manufacturer highlights lax cyber protections in the water sector, top cybersecurity officials say.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/cisa-fbi-epa-water-unitronics\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2023-12-04T23:07:20+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/12\/feds-iran-linked-hacking-campaign-a-clarion-call-for-digital-defenses-1.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1280\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Christian Vasquez\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@chrismvasq\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1699561119g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress-next\/dist\/css\/related-posts-block-styles.min.css?m=1701108070g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1698989400g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=7dab012cdc88b5676610\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/78361\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.4.1\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=78361\">\n<link rel=\"alternate\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcisa-fbi-epa-water-unitronics%2F\">\n<link rel=\"alternate\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcisa-fbi-epa-water-unitronics%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-78361 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/cisa-fbi-epa-water-unitronics\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.3125\">\n<div class=\"single-article__header-content\" readability=\"30.873563218391\">\n<p> A campaign targeting an Israeli device manufacturer highlights lax cyber protections in the water sector, top cybersecurity officials say. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/12\/feds-iran-linked-hacking-campaign-a-clarion-call-for-digital-defenses.jpg?resize=640%2C426&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/12\/feds-iran-linked-hacking-campaign-a-clarion-call-for-digital-defenses-1.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/12\/feds-iran-linked-hacking-campaign-a-clarion-call-for-digital-defenses-1.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/12\/feds-iran-linked-hacking-campaign-a-clarion-call-for-digital-defenses-1.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/12\/feds-iran-linked-hacking-campaign-a-clarion-call-for-digital-defenses-1.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/12\/feds-iran-linked-hacking-campaign-a-clarion-call-for-digital-defenses-1.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/12\/feds-iran-linked-hacking-campaign-a-clarion-call-for-digital-defenses-1.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/12\/feds-iran-linked-hacking-campaign-a-clarion-call-for-digital-defenses-1.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/12\/feds-iran-linked-hacking-campaign-a-clarion-call-for-digital-defenses-1.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/12\/feds-iran-linked-hacking-campaign-a-clarion-call-for-digital-defenses-1.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/12\/feds-iran-linked-hacking-campaign-a-clarion-call-for-digital-defenses-1.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> Construction of sewage plant, Santander, Spain. (Photo by Mike St Maur Sheil\/Construction Photography\/Avalon\/Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"38.819251588609\"><body readability=\"80.354380812531\"><\/p>\n<p>U.S. cybersecurity officials are warning utilities to increase basic cyber protections amid the active targeting of several water facilities by an Iranian-linked hacking group.<\/p>\n<p>The targeting of the Israeli company Unitronics by Cyber Av3ngers, a hacking group with ties to Iran\u2019s Islamic Revolutionary Guard Corps, has highlighted basic vulnerabilities in the water sector. The hackers are not known for sophisticated cyberattacks and often exaggerate the impact of their operations. The hacking spree targeting Unitronics appears to be aimed at influencing the perception of Israeli technologies and had little operational impact on the water facilities.<\/p>\n<p>\u201cWe have seen no access to operational systems at these water facilities, nor have we seen any impact to the provision of safe drinking water to the targeted populations,\u201d Eric Goldstein, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency, told reporters Monday.<\/p>\n<p>Goldstein did not provide exact figures on the impacted water facilities, but an alert from CISA, the FBI, the National Security Agency, the Environmental Protection Agency and the Israel National Cyber Directorate noted \u201c<a href=\"https:\/\/www.cisa.gov\/news-events\/cybersecurity-advisories\/aa23-335a\">continued malicious cyber activity<\/a>.\u201d A government official said last Thursday that the number of affected facilities was <a href=\"https:\/\/cyberscoop.com\/cyber-av3ngers-israel-iran\/\">less than 10<\/a>, and so far only a municipal water facility in Aliquippa, Pa., has been identified as a victim.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cThis event is really a clarion call for every organization running operational technology to focus on some critically important but basic steps, like removing these assets from the internet and setting default passwords, and also focus on implementing CISA\u2019s cybersecurity performance goals,\u201d Goldstein said.<\/p>\n<p>Brett Leatherman, section chief of national security cyber operations at the FBI, said that the law enforcement office has \u201chistorically taken an aggressive stance on releasing information to the public on Iranian offensive cyber activity.\u201d<\/p>\n<p>Leatherman added that the FBI \u201cwill continue to work with our domestic and international partners to identify, disrupt and impose costs on Iranian affiliate actors for engaging in this activity.\u201d<\/p>\n<p>Goldstein noted that the agency is concerned about the potential for more targeted attacks or intrusions against the Israeli technology, but that they have not seen anything to that effect yet. Goldsten also said that CISA\u2019s regional teams are \u201cconducting notifications\u201d for organizations that have Unitronics devices facing the internet. The Cyber Av3ngers are thought to have only used the default password to access the devices that were visible on the open internet.<\/p>\n<p>Leatherman noted that the type of access gained by the Cyber Av3ngers can lead to deeper device and network access and \u201cmore profound cyber-physical effects.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The opportunistic attacks on the Israeli manufacturer also highlights the lack of cybersecurity mandates for the water sector. While there is little evidence that the Cyber Av3ngers intentionally targeted the water sector \u2014 a Pittsburgh brewery was also one of its victims \u2014 the campaign highlights a recent move by the EPA to <a href=\"https:\/\/cyberscoop.com\/epa-calls-off-cyber-regulations-for-water-sector\/\">stop pursuing cybersecurity mandates<\/a> through water sanitation surveys, a decision that followed a lawsuit over the regulations by several Republican-led states and water trade groups.<\/p>\n<p>David Travis, director of the water infrastructure and cyber resilience division at the EPA, said that what \u201cthese incidents underscore for us is that without cybersecurity requirements and oversight, our nation\u2019s water and wastewater system and the communities they serve will continue to be vulnerable.\u201d<\/p>\n<p>Travis noted that the EPA supports mandating additional cybersecurity requirements, but in the interim offers cybersecurity evaluation programs.<\/p>\n<p>\u201cThe myths that the EPA and CISA has labored to dispel is that implementing such cybersecurity practices is both expensive and hopelessly complex,\u201d he said. \u201cWhen in fact, effective cyber hygiene usually can be inexpensive and straightforward.\u201d<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\">\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/cisa-fbi-epa-water-unitronics\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Feds: Iran-linked hacking campaign a ‘clarion call’ for digital defenses<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[452,293,859,273,288,1066],"tags":[454,299,862,279,294,1067],"class_list":["post-2145","post","type-post","status-publish","format-standard","hentry","category-cybersecurity-and-infrastructure-security-agency-cisa","category-department-of-homeland-security-dhs","category-environmental-protection-agency-epa","category-fbi","category-threats","category-water-sector","tag-cybersecurity-and-infrastructure-security-agency-cisa","tag-department-of-homeland-security-dhs","tag-environmental-protection-agency-epa","tag-fbi","tag-threats","tag-water-sector"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity-and-infrastructure-security-agency-cisa\/\" rel=\"category tag\">Cybersecurity and Infrastructure Security Agency (CISA)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/department-of-homeland-security-dhs\/\" rel=\"category tag\">Department of Homeland Security (DHS)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/environmental-protection-agency-epa\/\" rel=\"category tag\">Environmental Protection Agency (EPA)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/fbi\/\" rel=\"category tag\">FBI<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/water-sector\/\" rel=\"category tag\">water sector<\/a>","tag_info":"water sector","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/2145","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=2145"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/2145\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=2145"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=2145"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=2145"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":2145,"date":"2023-12-04T23:07:20","date_gmt":"2023-12-04T23:07:20","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=78361"},"modified":"2023-12-04T23:07:20","modified_gmt":"2023-12-04T23:07:20","slug":"feds-iran-linked-hacking-campaign-a-clarion-call-for-digital-defenses","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2023\/12\/04\/feds-iran-linked-hacking-campaign-a-clarion-call-for-digital-defenses\/","title":{"rendered":"Feds: Iran-linked hacking campaign a \u2018clarion call\u2019 for digital defenses"},"content":{"rendered":"