Federal officials are investigating after a pro-Iran hacking group claimed to have committed a cyberattack at a water authority in Pennsylvania, according to a state congressman and water authority officials.
“Federal officials are assisting the investigation, and I remain ready to help with federal agencies,” US Rep. Chris Deluzio said in a statement this week. There was no loss of water service to impacted individuals, Deluzio said.
Aliquippa water authority Chairman Matthew Mottes told CNN affiliate KDKA that the group allegedly took control of one water station.
The incident is one of several to highlight growing concern over US infrastructure vulnerabilities. Officials fear cyberattacks on companies or service providers could have cascading impacts on critical infrastructure operators, including hospitals and utilities.
The machine that was hacked uses a system called Unitronics, which he says has Israeli-owned components, Mottes told the affiliate.
The water authority, which is near Pittsburgh, was able to switch to a manual system after it bypassed its automated systems when it was alerted to the attack by alarms, KDKA reported.
An anti-Israel message then appeared on its screen, Mottes told KDKA.
CNN has reached out to the Municipal Water Authority of Aliquippa for comment.
The group has not claimed responsibility on X, formerly known as Twitter, but has claimed responsibility for hacking several water treatment stations in Israel since the October 7 attacks – claims CNN has not substantiated.
CNN is attempting to reach Israeli authorities for comment.
“I intend to push for a full investigation here and accountability for the attackers, and I will continue the important bipartisan work on the House Armed Services Cyber, Information Technologies, and Innovation (CITI) Subcommittee to shore up America’s defenses,” Deluzio said in a statement on social media Sunday.
CNN has reached out to Pennsylvania State Police, and federal authorities including the FBI and Department of Homeland Security.
Hospitals forced to reroute ambulances
A recent cyberattack forced multiple hospitals across several US states to reroute ambulances on Thanksgiving Day.
Some facilities were also forced to reschedule non-emergent surgery. All of the affected hospitals were owned, or partly owned, by Ardent Health Services, a Tennessee-based company that owns more than two dozen hospitals in at least five states.
A new federal program aims to warn critical American companies their systems are vulnerable to ransomware attacks. The US Cybersecurity and Infrastructure Security Agency says it has warned 60 organizations in sectors including healthcare and water they are vulnerable to such attacks.
After suspected Iranian hackers claimed a string of recent attacks on Israeli security cameras, both Israeli and US officials expressed concerns about potential ransomware attacks.
The FBI has accused Iranian government-backed hackers of an attempted hack of Boston Children’s Hospital in 2021, which did not endanger patients but nonetheless alarmed US officials. Tehran denied the allegation.
In recent weeks, US officials have been preparing for a similar scenario in which Iranian hackers conduct a disruptive attack on US critical infrastructure, a senior US official previously told CNN, speaking on the condition of anonymity because they were not authorized to talk to the press.