Assumption Water Plant – “You Have Been Hacked”

Christian Co. (ECWd) –

We reported on the Assumption and Herrick, Illinois water plants being hacked last month as covered in this article.

We submitted a Freedom of Information Act (FOIA), request to both places, and to date, only Assumption has responded.  Herrick appears to be ignoring the FOIA request.

The Assumption response confirms the computers were hacked by Cyber Avengers, an anti-Israel organization with ties to Iran.

“Since at least November 22, 2023, these IRGC-affiliated cyber actors have continued to compromise default credentials in Unitronics devices. The IRGC-affiliated cyber actors left a defacement image stating, “You have been hacked, down with Israel. Every equipment ‘made in Israel’ is CyberAv3ngers legal target.” The victims span multiple U.S. states. The authoring agencies urge all organizations, especially critical infrastructure organizations, to apply the recommendations listed in the Mitigations section of this advisory to mitigate risk of compromise from these IRGC-affiliated cyber actors.” – Cybersecurity & Infrastructure Security Agency

Other attacks by the same organization have been reported across the US.

We understand this attack was turned over to the US Department of Justice but are unable to confirm there is any investigation taking place.

A copy of the Assumptions FOIA response with the images on their computer screen can be downloaded at this link or viewed below.

assumption-foia-response-kirk-allen
toin