Anti-Israeli Iranian Cybergang Attacks US Water Sector

The US accuses Iran’s elite military government of using a nation-state threat group to launch attacks on its water sector as part of its conflict with Israel.

The FBI and NSA issued a statement condemning the Iranian Revolutionary Guard Corps (IRGC), or more specifically the cybergroup CyberAv3ngers, which they say was behind recent attacks on the US water supply as a result of the group's targeting of Israeli companies in the sector.

According to Cybernews, the incident came to light in November after the hack of the municipal water authority in Pennsylvania, whose computer terminal interface read: “You have been hacked, down with Israel. Every equipment ‘made in Israel’ is CyberAv3ngers legal target.”

CISA stated: “IRGC-affiliated cyber actors using the persona ‘CyberAv3ngers’ are actively targeting and compromising Israeli-made Unitronics Vision Series programmable logic controllers (PLCs),” adding that the PLCs are “commonly used in the water and wastewater systems sector and […] in other industries including, but not limited to, energy, food and beverage manufacturing, and healthcare.”

CyberAv3ngers was described by CISA as a “cyber persona” of the IRGC, a terrorist organization that’s said to have claimed responsibility for multiple attacks on Israeli soil since 2020. Cybernews reports that a Telegram channel supposedly belonging to the group was spotted displaying “both legitimate and false claims of multiple cyberattacks against Israel” in recent months. Additionally, CyberAv3ngers is said to have targeted Israeli public companies in the water, energy, shipping, and distribution sectors.

It is also believed that CyberAv3ngers has an accomplice in the cybergang “Soldiers of Solomon”, with CISA stating: “The CyberAv3ngers-linked Soldiers of Solomon claimed responsibility for compromising over 50 servers, security cameras, and smart city management systems in Israel,” adding that the “majority of these claims were proven false.”