The U.S. cybersecurity agencies, including CISA, FBI, NSA, EPA, and INCD, issued a joint advisory in response to the active exploitation of Unitronics programmable logic controllers (PLCs) by IRGC-affiliated cyber actors. The advisory highlights the targeting of U.S. Water and Wastewater Systems facilities and recommends specific actions to mitigate the threat, particularly against internet-facing PLCs.
IRGC-affiliated cyber actors, known as “CyberAv3ngers,” are actively compromising Unitronics Vision Series PLCs through default passwords. These PLCs, manufactured in Israel, may be rebranded under different names. The advisory underscores the importance of reviewing and implementing recommended actions and mitigations, emphasizing their applicability to all internet-facing PLCs.
All organizations, including U.S. Water and Wastewater Systems Facilities, are urged to heed the joint Cybersecurity Advisory and adopt the provided mitigations. While focused on Unitronics PLCs, the recommended actions are designed to enhance the security posture of all internet-facing PLCs, providing a comprehensive approach to address the cyber threat posed by IRGC-affiliated actors.
Reference:
