A Pennsylvania water utility is still dealing with the fallout of pro-Iran hackers breaching some of its industrial equipment four days ago, including having to operate one of its water pump stations in manual mode, the utility’s general manager told CNN on Tuesday.
“It’s a pain,” Robert J. Bible said. “Somebody’s got to wake up at 3 in the morning and go turn on or turn off those pump stations. It’s just a big inconvenience until we can get the (automated) system back up and running.”
The hackers breached the equipment – which the Pittsburgh-area utility uses to manage water pressure – on the Friday night after Thanksgiving, displaying a message on the monitor that Israel-made gear was fair game amid the ongoing Israeli-Hamas war and stunning Bible, general manager of the Municipal Water Authority of Aliquippa, and his colleagues.
Federal authorities are investigating the intrusion.
The Municipal Water Authority of Aliquippa (MWAA), which serves about 15,000 people in the Pittsburgh area, has decided to replace the Israeli-made equipment as a precaution, Bible told CNN.
“That was maybe the furthest thing from my mind,” he said of being caught up in the array of politically motivated cyberattacks that have accompanied the war in the Middle East. “Especially for a community. We only serve 15,000 people. You wouldn’t put two and two together.”
The incident has had no impact on water quality or service. Bible said the hack was limited to one machine at a station that boosts water pressure for two nearby townships, and that his colleagues quickly contained the incident.
But the small water utility now finds itself at the center of a federal and state investigation into how the pro-Iran hackers were able to gain access to the pump station. The MWAA has handed the FBI a digital copy of the hacked industrial equipment, and FBI and Department of Homeland Security officials have been in touch regularly since the hack, Bible said.
The incident has raised concerns in Washington. The White House National Security Council has in recent days had multiple meetings about the hack of the water utility and an unrelated cyberattack that has diverted ambulances in multiple states, a US official familiar with the meetings told CNN.
“We are closely engaged with sector and interagency partners to understand this evolving situation and provide any necessary support or guidance,” Eric Goldstein, a senior official at the Cybersecurity and Infrastructure Security Agency (CISA), said in a statement to CNN.
Officials were notified Friday of a communication failure at a station that supplies boosted water pressure to two townships. When on-call personnel arrived, a computer screen that helps control pumps at the station was blank, said Bible.
After a battery was replaced, “a red screen appeared with the hack notice,” and it was immediately shut down while the system was switched to manual, Bible said.
No other facilities were impacted, and “at no point” was water service disrupted or water quality affected, said Bible. State and federal authorities were contacted Saturday, and the investigation is ongoing, he said.
“Federal officials are assisting the investigation, and I remain ready to help with federal agencies,” US Rep. Chris Deluzio said in a statement this week.
The machine that was hacked uses a system called Unitronics, which has Israeli-owned components, Aliquippa water authority Chairman Matthew Mottes told CNN affiliate KDKA.
The group has not claimed responsibility on X, formerly known as Twitter, but has claimed responsibility for hacking several water treatment stations in Israel since the October 7 attacks – claims CNN has not substantiated.
CNN is attempting to reach Israeli authorities for comment.
The Aliquippa water authority is beefing up cybersecurity in the wake of the hack, Bible said, but he declined to discuss…