Ireland Suffered A Crippling Cyberattack On Utility Water Supply for Two Days
Last week, Ireland suffered a crippling attack on the systems of a small water utility, interrupting the water supply for two days.
The incident was reported by the local newspaper, Western People, and technical details are murky. The statement said that the attack targeted a private group water scheme in the Erris area and impacted 180 people, leaving them without water in Binghamstown and Drum.
Ireland had Weak System Protective Measures
The local report reveals that the threat actors targeted a Eurotronics water pumping system, defacing a user interface with a message announcing the hack.
Interestingly, the hackers revealed their motive by posting an anti-Israel message, saying they attacked the system because it was made in Israel.
According to the statement, the Irish water facility was likely targeted by self-described hacktivists, who exploited a poorly protected industrial control system (ICS).
Furthermore, the water utility’s representatives said the actors may have breached the system because the utility's firewall was not strong enough.
However, hackers frequently target internet-exposed programmable logic controllers (PLCs) or human-machine interfaces (HMIs) that are not protected at all or are protected only by a default password.
Water Facilities Targeted Attacks
Coincidentally, the US government previously warned that a hacking group publicly known as Cyber Av3ngers has been targeting multiple water facilities in the United States. In each of their operations, the hackers took control of Unitronics Vision series PLCs with an integrated HMI.
The most probable scenario is that they have been attacking internet-exposed PLCs protected by a default password that can be easily infiltrated.
Notably, the Cyber Av3ngers group has made countless claims about hacking critical infrastructure organizations in Israel, but some of their claims turned out to be false.
It’s unclear whether this hacking group is behind the attack on the Irish water utility, but based on the available data, either Cyber Av3ngers or a similar threat actor is responsible.