Welcome
 | 
My Account
Welcome
 | 
My Account
Welcome
 | 
My Account

CyberHealth

CISA Warns of Unitronics PLC Exploitation

December 19, 2023
Click image to view gallery

You may have seen the news last week that multiple municipal water authorities declared themselves under cyber attack.  How did they get in?  The answer is quite simple: by using the default credentials on Unitronics PLCs.  The specific controllers that were compromised were equipped with HMIs and did not have their default passwords changed.  While the attack has a multitude of geopolitical ramifications, ultimately it highlights the need to revisit security measures around interconnected devices, especially those that have not had proper security controls implemented or changed from their default settings.

The Cybersecurity & Infrastructure Security Agency issued a warning specifically around the Unitronics PLCs that were compromised, but their guidance applies broadly across all IoT devices and PLCs:

You can read more from CISA here: https://www.cisa.gov/news-events/alerts/2023/11/28/exploitation-unitronics-plcs-used-water-and-wastewater-systems

To view other PMMI CyberHealth content, visit pmmi.org/cyberhealth Got a more specific question? Email [email protected].