Cyber Army of Russia Reborn Targets US Water Infrastructure in Physical Control Attacks

A group called Cyber Army of Russia Reborn has recently released a video through their Telegram channel revealing that they were able to manipulate the controls for water tanks in Texas, causing pumps to turn on by altering water level indicators and making one tank overflow in Muleshoe. The towns of Abernathy, Lockney, and Hale Center also reported hacker attempts at their water systems, with some successful breaches taking place during the November 2023 CyberAv3ngers global attacks on multiple water utilities, including a successful attack against Aliquippa’s systems in Pennsylvania. These incidents differ from typical website defacements as they involved actual control of physical processes by hacker groups ideologically aligned with adversarial national governments such as Russia and Iran. The FBI confirmed that the China-backed threat group VOLTZITE had breached critical infrastructure globally since February 2023, including energy systems and transportation networks in preparation for future attacks on water supplies. While these cyber threats targeting small towns may invoke comparisons to David versus Goliath battles, the lack of adequate preparations leaves our vulnerable infrastructure open to intensifying attack strategies from adversarial governments around the world. Both Cyber Army of Russia Reborn and CyberAv3ngers utilized basic tactics such as default password exploitation in their recent attacks; however, more sophisticated methods could have severe consequences for water treatment processes or physical systems’ damage. While rehabilitating and replacing aging infrastructure is essential due to operational benefits and financial reasons, new technologies will also increase connectivity via internet-enabled devices that provide attackers with additional access points. The EPA reports that 90% of community water systems are small public facilities serving fewer than ten thousand customers; these entities often lack adequate budgets for equipment or cybersecurity personnel/services to address the escalating threat environment without expertise and technologies necessary to mitigate risks, including operational technology vulnerabilities such as industrial control systems used in pumping stations. To combat this challenge, government agencies share information with industries concerning advisories on vulnerability risks along with recommendations to boost preparedness against threats. However, water facilities still face cybersecurity challenges due to the lack of structures for funding investments and a lengthy process required before federal funds reach utilities. Vendors also offer resources like tools and shared data to strengthen community security across all critical infrastructure sectors in need through information sharing programs that bolster national defense efforts as well. To avoid delays between attack detection, recovery or mitigation phases following an assault on our vulnerable water systems, we must work together more closely than ever before by closing the resource gap using grants such as the State and Local Cybersecurity Grant Program at DHS’s expense to fund cybersecurity investments that are recoverable through local government budget-setting processes. We cannot force utilities to choose between reliability or security since our communities require both safe water supply and availability, but we must act quickly before another small town with minimal defenses is targeted by more sophisticated attacks on larger cities’ systems.