CISA: Attacks exploiting Unitronics PLCs in water utilities underway

Organizations in the water and wastewater systems sector have been warned by the Cybersecurity and Infrastructure Security Agency regarding ongoing attacks targeted at vulnerable Unitronics programmable logic controllers, one of which has already compromised the Municipal Water Authority of Aliquippa in Pennsylvania, reports The Record, a news site by cybersecurity firm Recorded Future. Aside from replacing default credentials and implementing multi-factor authentication, water utilities and wastewater systems should also disconnect their Unitronics PLCs from the internet and ensure logic and configuration backups to facilitate immediate restoration, according to CISA. Such attacks emphasize the importance of regulations aimed at ensuring sufficient cybersecurity protections in public services, noted Tenable's Marty Edwards and OPSWAT's Mark Toussaint. "Mitigating cybersecurity risks in ICS systems can present a challenge for some organizations, and particularly in Water and Wastewater Systems since they are often smaller municipalities with limited resources. This industry is also not regulated by enforceable cybersecurity requirements, making it more vulnerable," Toussaint added.