In the stretch of a few days, two municipal water facilities that serve more than 2 million residents in parts of Pennsylvania and Texas have reported network security breaches that have hamstrung parts of their business or operational processes.
In response to one of the attacks, the Municipal Water Authority of Aliquippa in western Pennsylvania temporarily shut down a pump providing drinking water from the facility’s treatment plant to the townships of Raccoon and Potter, according to reporting by the Beaver Countian. A photo the Water Authority provided to news outlets showed the front panel of a programmable logic controller—a toaster-sized box often abbreviated as PLC that’s used to automate physical processes inside of industrial settings—that displayed an anti-Israeli message. The PLC bore the logo of the manufacturer Unitronics. A sign above it read “Primary PLC.”
A second hack hitting the North Texas Municipal Water District came to light on Monday after a ransomware group tracked as DAIXIN added the district, abbreviated as NTMWD, to its leak site. The post said the group has stolen sensitive data contained in 33,844 files. A text file that accompanied the post showed what appeared to be an extensive file directory tree of the network belonging to the NTMWD.
It’s tempting to think that the hacks of two different water facilities coming to light within a few days signals an escalation. It’s easier to bear in mind that water facilities are notoriously underfunded and employ IT staff who receive little training and resources and are underpaid. Either way, the attacks should serve as a wake up call to political leaders at every level of government that critical infrastructure is vulnerable to hacking and will remain that way until they make the necessary investments.