2 municipal water facilities report falling to hackers in separate breaches

Published

2 years ago

November 30, 2023

admin

SOMETHING IN THE WATER — 2 municipal water facilities report falling to hackers in separate breaches The facilities in Pennsylvania and Texas serve more than 2 million residents.

Dan Goodin – Nov 30, 2023 12:42 am UTC EnlargeGetty Images reader comments 18 with

In the stretch of a few days, two municipal water facilities that serve more than 2 million residents in parts of Pennsylvania and Texas have reported network security breaches that have hamstrung parts of their business or operational processes.

In response to one of the attacks, the Municipal Water Authority of Aliquippa in western Pennsylvania temporarily shut down a pump providing drinking water from the facilitys treatment plant to the townships of Raccoon and Potter, according to reporting by the Beaver Countian. A photo the Water Authority provided to news outlets showed the front panel of a programmable logic controllera toaster-sized box often abbreviated as PLC thats used to automate physical processes inside of industrial settingsthat displayed an anti-Israeli message. The PLC bore the logo of the manufacturer Unitronics. A sign above it read Primary PLC. WWS facilities in the crosshairs

The Cybersecurity and Infrastructure Security Administration on Tuesday published an advisory that warned of recent attacks compromising Unitronics PLCs used in Water and Wastewater Systems, which are often abbreviated as WWSes. Although the notice didnt identify any facilities by name, the account of one hack was almost identical to the one that occurred inside the Aliquippa facility.

Cyber threat actors are targeting PLCs associated with WWS facilities, including an identified Unitronics PLC, at a US water facility, CISA officials wrote. In response, the affected municipalitys water authority immediately took the system offline and switched to manual operationsthere is no known risk to the municipalitys drinking water or water supply.

Water Authority officials told reporters the hacked PLC regulates pressure to elevated regions and was housed in whats known as a booster station that served Raccoon and Potter. As soon as the PLC was hacked, the booster station sent an alarm to operators who then took the system offline and took manual control. They said there was never a threat to the availability of water to the 6,615 customers the facility serves. Advertisement

A second hack hitting the North Texas Municipal Water District came to light on Monday after a ransomware group tracked as DAIXIN added the district, abbreviated as NTMWD, to its leak site. The post said the group has stolen sensitive data contained in 33,844 files. A text file that accompanied the post showed what appeared to be an extensive file directory tree of the network belonging to the NTMWD. Enlarge / A partial screenshot of a text file left on the DAIXIN website listing some of the files stolen.

The North Texas Municipal Water District (NTMWD) recently detected a cybersecurity incident affecting our business computer network, an official wrote in an email. Most of our business network has been restored. Our core water, wastewater, and solid waste services to our Member Cities and Customers have not been impacted by this incident, and we continue to provide those services as usual. The official went on to say that phone systems remained offline. The district has engaged third-party forensic investigators to probe the extent of the breach.

While the network intrusion didnt come to light until Monday, NTMWD first notified residents of a phone outage on November 12. The official didnt say when the breach occurred. NTMWD serves 2.2 million people across 2,200 square miles.

DAIXIN was first spotted in June 2022. The group, which has been actively tracked by both CISA and the Water Information Sharing and Analysis Center, has successfully targeted a wide range of industries including health care, aerospace, automotive, and packaged foods.

Less is known about Cyber Aveng3rs, the group claiming responsibility for the hack on the Municipal Water Authority of Aliquippa. It may be the same group known as Cyber Av3ngers or connected to Cyber Av3ngers, which has ties to a group Microsoft has linked to the Iranian-government-backed Moses group.

Its tempting to think that the hacks of two different water facilities coming to light within a few days signals an escalation. Its easier to bear in mind that water facilities are notoriously underfunded and employ IT staff who receive little training and resources and are underpaid. Either way, the attacks should serve as a wake up call to political leaders at every level of government that critical infrastructure is vulnerable to hacking and will remain that way until they make the necessary investments. reader comments 18 with Dan Goodin Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords. In his spare time, he enjoys gardening, cooking, and following the independent music scene. Advertisement Channel Ars Technica ← Previous story Next story → Related Stories Today on Ars

Entertainment

Tomorrowland: ‘Devastating’ blaze destroys main stage at major festival – two days before it was due to begin

Published

1 hour ago

July 17, 2025

admin

Tomorrowland: 'Devastating' blaze destroys main stage at major festival - two days before it was due to begin

A huge fire has destroyed the main stage of a major festival in Belgium – two days before it was due to begin.

Tomorrowland is a dance music event as big as Glastonbury – and David Guetta was due to perform.

Footage showed flames and thick plumes of black smoke engulfing the stage and spreading to nearby woodland on Wednesday.

The annual festival in the town of Boom, north of Brussels, is one of the biggest in Europe and attracts about 400,000 people over two consecutive weekends.

It is famous for its immersive and elaborate designs and attracts big names within dance music – including Guetta, best known for tracks When Love Takes Over and Titanium.

Dutch DJs Martin Garrix and Charlotte de Witte were also due to perform, along with the likes of Swedish House Mafia, Eric Prydz and Alok.

The festival’s website described the creative elements which went into the elaborate main stage.

The theme, described as Orbyz, was “set in a magical universe made entirely out of ice” and “full of mythical creatures”.

Organisers said no one was injured in the blaze but confirmed “our beloved main stage has been severely damaged”, adding they were “devastated”.

Spokesperson Debby Wilmsen added: “We received some truly terrible news today. A fire broke out on the Tomorrowland site … and our main stage was essentially destroyed there, which is truly awful.

“That’s a stage that took years to build, with so much love and passion. So I think a lot of people are devastated.”

Despite the fire, Tomorrowland organisers said they were still expecting 38,000 festivalgoers at DreamVille, the event’s campsite.

Politics

PM criticised over ‘appalling’ decision to suspend four Labour MPs

Published

1 hour ago

July 17, 2025

admin

Starmer suspends four Labour MPs for breaches of party discipline

Sir Keir Starmer has suspended four MPs for repeated breaches of party discipline.

Brian Leishman, Chris Hinchliff, Neil Duncan-Jordan and Rachael Maskell have lost the whip, meaning they are no longer part of Labour’s parliamentary party and will sit as independent MPs.

The suspension is indefinite pending a review.

Three other MPs have had their trade envoy roles removed: Rosena Allin Khan, Bell Ribeiro-Addy and Mohammed Yasin.

Politics latest: Suspended MPs defend their voting record

All seven had voted against the government’s welfare reforms earlier this month. However, it is understood this is not the only reason behind the decision, with sources citing “repeated breaches of party discipline”.

More than 100 MPs had initially rebelled against the plan to cut personal independent payments (PIP). Ultimately, 47 voted against the bill’s third reading, after it was watered down significantly in the face of defeat.

Ms Maskell was one of the lead rebels in the welfare revolt, and has more recently called for a wealth tax to fund the U-turn.

The York Central MP has spoken out against the government on a number of other occasions since the election, including on winter fuel and cuts to overseas aid.

Confirming the suspension, Ms Maskell told Sky News that she “doesn’t see herself as a rebel” but “somebody that is prepared to fulfil (her) role here of holding the executive to account and speaking truth to power”.

She stopped short of criticising the decision, saying: “I hold my hand out to the prime minister and hope he takes that and wants to reach back because I think it’s really important that we work together.”

Ms Maskell was first elected in 2015, while the other suspended MPs were newly elected last year.

Mr Hinchliff, the MP for North East Hertfordshire, has proposed a series of amendments to the flagship planning and infrastructure bill criticising the government’s approach.

Mr Duncan-Jordan, the MP for Poole, led a rebellion against the cut to the winter fuel payments while Alloa and Grangemouth MP Mr Leishman has been critical of the government’s position on Gaza.

Suspended Labour MPs clearly hit a nerve with Starmer

Tamara Cohen

Political correspondent

@tamcohen

After a tricky few weeks for the government, in which backbenchers overturned plans to cut back welfare spending, now a heavy hand to get the party into line.

All four suspended MPs appear to be surprised – and upset.

Three more have lost plum roles as trade envoys – all on the left of the party.

All were active in the rebellion against the government’s welfare reforms, and voted against the changes even after a series of U-turns – but were among 47 Labour MPs who did so.

When MPs were told after the welfare vote that Number 10 was “fully committed to engaging with parliamentarians”, this was not what they were expecting.

We’re told the reasons for these particular suspensions go wider – over “persistent breaches of party discipline” – although most are not high profile.

In the scheme of things, Jeremy Corbyn and John McDonnell rebelled against the Labour whip hundreds of times under New Labour, without being suspended.

But these MPs’ pointed criticism of the Starmer strategy has clearly hit a nerve.

Read Tamara’s analysis in full here

‘Couldn’t support making people poorer’

Mr Duncan-Jordan told Sky News that he understood speaking out against benefit cuts would “come at a cost” but said he “couldn’t support making disabled people poorer”.

Mr Leishman echoed that sentiment, saying: “I firmly believe that it is not my duty as an MP to make people poorer, especially those that have suffered because of austerity and its dire consequences.”

Both said they remain committed to the Labour Party and its values, suggesting they have no plans to join the new party being set up by former Labour leader Jeremy Corbyn and ousted MP Zarah Sultana.

Similarly Mr Hinchliff said in a brief statement: “I remain proud to have been elected as a Labour MP and I hope in time to return to the Labour benches.”

The suspensions will be seen as an attempt to restore discipline ahead of the summer recess following a number of rebellions that has forced the government into U-turns.

As well as watering down the welfare bill, some cuts to the winter fuel payment have been reversed, leaving Chancellor Rachel Reeves with a fiscal blackhole to fill.

However, the move risks creating further divisions with a number of Labour MPs criticising the decision.

Starmer ‘rolling out the carpet to Reform’

Ian Byrne, Labour MP for Liverpool West Derby, said he was “appalled” by the suspensions as he and 44 others voted against welfare cuts.

He said this isn’t the first time the Starmer leadership has “punished MPs for standing up for what’s right”, as he and six others were suspended last year for voting against the two-child benefit cap.

“These decisions don’t show strength. They are damaging Labour’s support and risk rolling out the red carpet for Reform,” he added.

Richard Burgon, who was also temporarily suspended in the two-child benefit cap revolt, said he had hoped the leadership would take a different approach to backbenchers.

“Sadly, it isn’t yet doing so. To help stop a Reform government, it really must do so,” he said.

Jon Trickett, Labour MP for Normanton and Hemsworth, said “it’s not a sin to stand up for the poor and disabled”, adding: “Solidarity with the suspended four.”

World