IE 11 is not supported. For an optimal experience visit our site on another browser.

Treasury sanctions Iranian hackers it says targeted water companies

This version of Iran Cyber Hack Unitronics Sanction Israel Rcna137012 - Technology and Innovation | NBC News Clone was adapted by NBC News Clone to help readers digest key facts more efficiently.

The Treasury Department disclosed the information when it announced sanctions against six Iranian individuals.
The Treasury Building on January 18, 2023.
The U.S. Treasury building on Jan. 18, 2023. Mandel Ngan / AFP via Getty Images file
By Kevin Collier

The Treasury Department named and sanctioned six Iranian military hackers Friday, accusing them of cyberattacks against U.S. water companies.

The attacks, most of which happened late last year, did not result in any American critical services being interrupted, the Treasury said in its announcement. But they highlight the risk of critical infrastructure connecting to the internet, and how regional physical conflict can spill into global cyberattacks.

The hackers posed online as a group of amateur anti-Israel activists calling themselves the “CyberAv3ngers,” who openly support Iran. The group maintains a presence on Telegram. After Israel’s invasion of Gaza, the CyberAv3ngers ramped up cyberattacks against Israeli infrastructure, particularly water systems.

A group of U.S. agencies had previously identified the group as being a front for the Islamic Revolutionary Guard Corps, a military branch.

The Treasury sometimes sanctions hackers working for foreign military and intelligence services for activities that the U.S. and its allies say go beyond fair play in cyberspace, like attacking civilian infrastructure. The sanctions mean American people and companies are barred from doing business with the six individuals.

The group claimed particular success against software from Unitronics, an Israeli company that sells a program popular with industrial water operators. The hackers discovered that many Unitronics customers never changed their default password, according to the Cybersecurity and Infrastructure Security Agency (CISA), making it easy for them to hunt down and gain initial access to certain water plants around the world.

In late November, the hackers broke into the systems of American Unitronics customers in several states and left a message that read, “You have been hacked, down with Israel. Every equipment ‘made in Israel’ is CyberAv3ngers legal target,” a CISA alert said.

A U.S. official at the time told NBC News that fewer than 10 American facilities had been hacked that way. Most victims remain unidentified, but the Municipal Water Authority of Aliquippa, Pennsylvania, identified itself as a victim on Thanksgiving Day.

It’s unclear if any American organizations have fallen victim to the hacking campaign since. 

The group has not claimed new victims this year.

Iran’s mission to the United Nations did not immediately respond to a request for comment.

Kevin Collier

Kevin Collier is a reporter covering cybersecurity, privacy and technology policy for NBC News.

Dan De Luce contributed.

Stay informed with daily digest and insights from NBC News Clone. We repackage top headlines for our global readers.

×
AdBlock Detected!
Please disable it to support our content.

Related Articles

Donald Trump Presidency Updates - Politics and Government | NBC News Clone | Inflation Rates 2025 Analysis - Business and Economy | NBC News Clone | Latest Vaccine Developments - Health and Medicine | NBC News Clone | Ukraine Russia Conflict Updates - World News | NBC News Clone | Openai Chatgpt News - Technology and Innovation | NBC News Clone | 2024 Paris Games Highlights - Sports and Recreation | NBC News Clone | Extreme Weather Events - Weather and Climate | NBC News Clone | Hollywood Updates - Entertainment and Celebrity | NBC News Clone | Government Transparency - Investigations and Analysis | NBC News Clone | Community Stories - Local News and Communities | NBC News Clone