Cyber Threat Actor Disrupts Israeli Water Infrastructure
On April 23, 2020, the Israeli National Cyber Directorate (INCD) received reports from multiple Israeli water sector owner operators describing abnormal equipment operation. INCD’s investigation found the events to be the result of a coordinated cyberattack by an unknown threat actor who accessed internet-exposed programmable logic controllers. Although the attack resulted in unexpected process behavior, it did not result in damage to equipment. In this alert, the Cybersecurity and Infrastructure Security Agency (CISA), the U.S. Environmental Protection Agency (EPA), and U.S. Department of Energy (DOE) summarize INCD’s findings and recommend mitigations that critical infrastructure owner operators—especially those with internet-exposed control system assets—should consider implementing to protect against similar attacks.