Iran, Russia, China Target Water Systems for Sabotage

Nation-state attackers breach water systems through weak passwords, exposed PLCs, and poor segmentation — not sophisticated malware.

Nation-state threat actors continue to attack systems that regulate, distribute, and protect water, but adversary objectives in these attacks can be more complex than they might first appear.

That's according to threat intelligence provider DomainTools, which on June 25 published research concerning recent nation-state targeting of water systems as far back as 2024. The research carried particular focus on how and why cyber adversaries are going after the infrastructure.

The intersection of "cyberattacks" and "water systems" is inherently alarming, as it calls to mind "cyber Pearl Harbor" scenarios where criminals attempt to stop the flow of, or poison, a community's water supply. Causing civilian casualties is usually not a direct aim of these attacks and, like the 2021 attack on the Oldsmar, Fla., water treatment facility showed, many modern water systems have safeguards to ensure tainted water never reaches a community's populace. That, of course, doesn't mean it can't happen, nor that cyberattacks can't have an impact on human mortality.

Source: https://www.darkreading.com/ics-ot-security/iran-russia-china-target-water-systems-sabotage