Last week, a group of unknown threat actors compromised a water pumping system for a "private group water scheme" in the Erris area of Ireland, resulting in the loss of water for 180 homeowners for two days. The perpetrators said the equipment - a "Eurotronics Israeli-made water pumping system" - was targeted due to the fact it originated in Israel, in an incident reminiscent of the recent exploitation of Unitronics PLCs.
While the information in this article has not been verified, including the delineation between "Eurotronics" and "Unitronics," the details are relatively consistent with known current activity by IRGC affiliated actors and is being provided for your situational awareness. From what is known or suspected, the threat actors managed to breach the organization's firewall, likely due to misconfigurations or security vulnerabilities. Subsequently, they posted a "You have been hacked" message to the computer screen at the pumphouse. According to an employee, the message also said "down with Israel" and the name of the company that hacked the utility. Despite the challenges, the utility manually restored water services on Friday night. This activity highlights victims aren't necessarily targeted based on who or where they are, but rather for what they possess (data or components) and how accessible (vulnerable/exploitable) it is—regardless of an organization's size or the number of people they serve. Additionally, such attacks are often orchestrated by nation state groups with high levels of sophistication and capability, aiming to gain access to critical infrastructure. These actors are frequently motivated by geopolitical tensions. Read more at Western People.