In a recent turn of events, the Cybersecurity and Infrastructure Security Agency (CISA) issued a significant advisory highlighting malicious cyber activities orchestrated by an Iranian cyber group targeting various United States facilities.

This advisory, posted on December 1, sheds light on the use of Israeli-made systems by the cyber group known as “CyberAv3ngers” to compromise operational technology devices in critical infrastructure sectors.

CISA, along with several other federal agencies, including the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Environmental Protection Agency (EPA), and Israel National Cyber Directorate (INCD), jointly released a cybersecurity advisory to caution organizations about continued malicious cyber activities by Iranian Government Islamic Revolutionary Guard Corps (IRGC)-affiliated Advanced Persistent Threat (APT) cyber actors.

The Targeted Infrastructure: Vulnerabilities in Operational Technology

These cyber attacks primarily target Unitronics Vision Series programmable logic controllers (PLCs), commonly employed in critical sectors such as water and wastewater systems, healthcare, manufacturing, energy, and food and beverage industries.

These PLCs serve as integral components in managing operational functions, yet their exposure to the internet makes them susceptible to cyber infiltrations.