Texas
Tiny Texas City Repels Russia-Tied Hackers Eyeing Water System
When Mike Cypert got the call that utilities in remote Texas communities were being hacked, he raced across his office to unplug the computer that ran his city’s water system.
Hale Center is a dusty, cotton-growing burg of 2,000 about five hours drive northwest of Dallas. After the alert from a software vendor in January, Cypert, the city manager, said he found thousands of attempts to breach Hale Center’s firewall, some coming from an internet address that traced back to St. Petersburg, Russia.
Within minutes of the discovery, Cypert said he reported the episode to agents from the FBI and US Department of Homeland Security, who were already looking into related incidents in nearby Texas towns. One of the hacks caused a water tank in another city to overflow.
The attacks in Texas are the latest example of hackers — some of them tied to US adversaries — targeting America’s sprawling network of water utilities. In November, an Iranian-backed group attacked Israeli-made digital controls commonly used in the water and wastewater industries in the US, affecting organizations across several states. That same month, the North Texas Municipal Water District, which supplies water to more than 2 million customers, was the victim of a ransomware attacks.
Chinese state-sponsored hackers also attacked a water utility in Hawaii, the Washington Post reported in December.
“The water sector is poorly resourced and is under siege from three fronts. This is now Iran, China and Russia,” said John Hultquist, chief analyst at Mandiant Intelligence.
A spokesperson for the FBI declined to comment. The Department of Homeland Security didn’t immediately respond to a request for comment.
Read More: Iranian-Linked Hacks Expose Failure to Safeguard US Water System
Researchers at Mandiant, a unit of Google Cloud, found potential connections between the attacks on water utilities in Texas and one of Russia’s most notorious hacking groups, known as Sandworm. The group has been accused of repeatedly turning out the lights in Ukraine and hacking the 2018 Olympics Opening Games in South Korea. The US government says it is part of Russia’s military spy agency, but the ties between Sandworm and the Texas attacks are less than certain. “We’ve never seen them cross the line in the US like this before,” Hultquist said.
Among the other victims of the recent hacks was the city of Muleshoe, a 5,000-person community in northwest Texas. A resident called the city on January 18 to report a water tank overflowing. City staff found that they’d largely lost control of the system, took it offline and called the company that provides Muleshoe’s industrial control software, City Manager Ramon Sanchez said at a public meeting the next month that was covered by the Plainview Herald. The vendor told city officials that other area communities were seeing similar problems, Sanchez said at the meeting.
Sanchez didn’t respond to messages seeking comment.
That same day, a social media account called “CyberArmyofRussia_Reborn” posted a video that appears to show hackers manipulating Muleshoe’s industrial control system. Mandiant and other cybersecurity researchers believe Sandworm created and control CyberArmyofRussia_Reborn, which Hultquist described as a hacktivist persona. It’s possible that other cyber attackers are using its platforms, he said.
Andy Bennett, the chief technology officer of cybersecurity firm Apollo Information Systems, said there are various reasons why hackers might target small-town water systems. They could provide a “testing ground” for hacking tools intended for bigger targets, he said, or give foreign countries a way to scare Americans.
“Small-town America feels safe,” said Bennett, a former cybersecurity official for the state of Texas,”and if the water supply is in jeopardy, it undoes that.”
US intelligence officials are still debating whether Sandworm was involved in the Texas water utility breaches, according to people familiar with the situation who didn’t want to be named due to the sensitivities.
The Russian Embassy in Washington declined to comment.
US officials are especially worried about attacks by nation-state hackers on critical sectors of the US economy, like defense, dams, energy, financial services and water systems. Last year, the Environmental Protection Agency dropped plans to require states to assess water facilities’ cyber defenses. Republican lawmakers in three states called the oversight illegal, accusing the EPA of overreach. The White House said it would work with Congress to beef up the environmental watchdog’s authority.
The attacks on Texas utilities targeted at least two other communities. In Abernathy, hackers entered through a virtual network connection, but city staff caught them within 30 seconds and cut off the attackers as they were trying to change passwords, City Manager Donald Provost told Bloomberg News. Lockney’s city manager, Buster Poling, Jr., said his staff also caught the attack early and that it “really did not affect the city.”
Hale Center’s Cypert said he learned that other towns had been attacked when the city’s industrial control software vendor called telling them to “lock down.” Hale Center uses the same vendor as Muleshoe and a handful of other area communities, he said.
When the warning came in, Cypert said he rushed to unplug the ethernet cable from the computer that operates the water system. Hale Center wasn’t breached, but Cypert said in reviewing its security, the city’s IT contractor found what appeared to be a brute force attempt to crack Hale Center’s firewall — 37,000 tries in four days.
The attempts on Hale Center’s firewall came from IP addresses around the world but one was repeated over and over, Cypert said. The investigation traced it back to St. Petersburg and the city’s industrial control vendor, Morgeson Consulting in Lubbock, quickly got Cypert on a conference call with FBI agents already investigating the Muleshoe attack, he said.
Morgeson Consulting’s owner didn’t immediately respond to an email seeking comment.
Cypert said he later sent the FBI data from the attempts on its firewall. The city’s IT contractor, Ben Warren, also walked the investigators through some of the technical details, he said. The agents were impressed by Warren’s technical acumen and offered the city manager a piece of advice, Cypert recalled.
“Hang on to him,” they said, referring to Warren.
Copyright 2024 Bloomberg.
Topics
Cyber
Texas
Russia
DALLAS — Texas can require the Ten Commandments to be displayed in public schools, a U.S. appeals court ruled Tuesday in a victory for conservatives who have long sought to incorporate more religion into classrooms.
The 9-8 decision by the 5th U.S. Circuit Court of Appeals delivered a boost to backers of similar laws in Arkansas and Louisiana. Opponents have argued that hanging the Ten Commandments in classrooms proselytizes to students and amounts to religious indoctrination by the government.
In a lengthy majority opinion, the conservative-leaning appeals court in New Orleans rejected those arguments in Texas, saying the requirement does not step on the rights of parents or students.
“No child is made to recite the Commandments, believe them, or affirm their divine origin,” the ruling says.
The American Civil Liberties Union and other groups that challenged the Texas law on behalf of parents said in a statement that they anticipate appealing the ruling to the U.S. Supreme Court.
“The First Amendment safeguards the separation of church and state, and the freedom of families to choose how, when and if to provide their children with religious instruction. This decision tramples those rights,” they said in the statement.
The mandate is one of several fronts in Texas that opponents have fought over religion in classrooms. In 2024, the state approved optional Bible-infused curriculum for elementary schools, and a proposal set for a vote in June would add Bible stories to required reading lists in Texas classrooms.
The decision over the Ten Commandments law reverses a lower federal court ruling that had blocked about a dozen Texas school districts — including some of the state’s largest — from putting up the posters. The Texas law signed by Republican Gov. Greg Abbott took effect in September, marking the largest attempt in the nation to hang the Ten Commandments in public schools.
From the start, the law was met almost immediately by a mix of embrace and hesitation in Texas classrooms that educate the state’s 5.5 million public school students.
The mandate animated school board meetings, spun up guidance about what to say when students ask questions, and led to boxes of donated posters being dropped on the doorsteps of campuses statewide. Although the law only requires schools to hang the posters if donated, one suburban Dallas school district spent nearly $1,800 to print roughly 5,000 posters.
Texas Attorney General Ken Paxton, a Republican, called the ruling “a major victory for Texas and our moral values.”
“The Ten Commandments have had a profound impact on our nation, and it’s important that students learn from them every single day,” he said.
Tuesday’s ruling comes after the appeals court heard arguments in January in the Texas case and a similar case in Louisiana. In February, the court cleared the way for Louisiana to enforce its law requiring the display of the Ten Commandments in classrooms.
Republican Louisiana Attorney General Liz Murrill said the Texas ruling “adopted our entire legal defense” of the law in her state. In Alabama, Republican Gov. Kay Ivey also signed a similar law earlier this month.
“Our law clearly was always constitutional, and I am grateful that the Fifth Circuit has now definitively agreed with us,” Murrill said in a statement posted to social media.
Judge Stephen A. Higginson, in a dissenting opinion joined by four others on the court, wrote that the framers of the Constitution “intended disestablishment of religion, above all to prevent large religious sects from using political power to impose their religion on others.”
“Yet Texas, like Louisiana, seeks to do just that, legislating that specific, politically chosen scripture be installed in every public-school classroom,” Higginson wrote.
The law says schools must put donated posters “in a conspicuous place” and requires the writing to be a size and typeface that is visible from anywhere in a classroom to a person with “average vision.” The displays must also be 16 inches wide and 20 inches tall.
Texas’ law easily passed the GOP-controlled Legislature and Republicans, including President Donald Trump, have backed posting the Ten Commandments in classrooms.
___
Associated Press writer Audrey McAvoy contributed to this report from Honolulu, Hawaii.
Texas
Glam influencer who drowned during Texas Ironman had battled flu but ignored pleas to ditch race
The glam influencer who drowned during a Texas Ironman swim had been battling the flu – but ignored pals who begged her to pull out of the brutal endurance race, according to one friend.
“She was ill before the trip, she wasn’t okay,” Luis Taveira said of close friend Mara Flávia, 38, who died during Saturday’s race in The Woodlands.
“My wife and I spoke with her to say she was too weak for this race, although a couple of days ago when we talked to her, she insisted she was okay,” Taveira said of the Brazil-born influencer, according to sports website the Spun.
“I still cannot believe what’s happened. She was ill because of the flu.”
Flávia continued “training hard” even while “weakened” by her illness, the friend said.
Just two days before the competition, Flávia shared a picture of herself in a pink swimming costume and cap sitting by the edge of a pool.
“Just another day at work,” she wrote in Portuguese.
Her Instagram account was peppered with snaps, showing her working out in a gym, by the pool, or running outdoors.
“Not every victory is photogenic, not every growth is pretty to watch. Sometimes evolving is being silent, stepping back, saying no, crying in the background, and coming back the next day more aware,” she said in one motivational post.
In others, she said that skill “only develops with hours and hours of work” and sport is “the best tool for transformation.”
The Ironman Texas competition features three legs — a 2.4-mile swim, a 112-mile bike ride, and a 26.2-mile run. The women’s event got underway just after 6:30 a.m. Saturday, with fire crews alerted around an hour later that there was a lost swimmer.
Flávia’s body was found around 9 a.m. in about 10 feet of water.
Officials have ruled her preliminary cause of death was drowning, and relatives have paid tribute.
Flávia’s sister, Melissa Araújo, said her sibling “lived life intensely” – and revealed a piece of her had vanished, People reported.
“You were always synonymous with determination, with courage — with a strength that seemed too vast to be contained within you,” she wrote on social media.
“You never did anything halfway; perhaps that is why you left such a profound mark on the lives of everyone who crossed your path.
“A piece of me is gone, and I will have to learn to live without it. And it hurts in a way I cannot even explain.
“It is a strange silence, a void I knew existed all along — as if the world itself had lost a little of its color.”
Flávia’s partner, Rodrigo Ferrari, described the swimmer as his “love” and said not waking up next to her was hard.
“Ursa, you were the best person I have ever met in my life,” he wrote in a note shared on social media.
A Brazilian fitness influencer has died after getting into difficulty during the swimming portion of an ironman event in Texas.
Mara Flavia Souza Araujo was reported as a “lost swimmer” around 7.30am at the Ironman Texas in Lake Woodlands near Houston on Saturday. According to KPRC 2 News, safety crews could not immediately locate Araujo. The 38-year-old’s body was discovered around 90 minutes later in 10ft of water by divers. She was pronounced dead on the scene.
Montgomery County Sheriff’s Department confirmed her identity in a statement to NBC on Monday.
“MCSO can confirm that Mara Flavia Souza Araujo, 38, of Brazil died while competing in the Ironman event in The Woodlands on Saturday,” the sheriff’s department told NBC News. “Preliminary investigations indicate she drowned during the swimming portion of the event.”
Araujo was an experienced triathlete and had completed at least nine ironman events since 2018. She had more than 60,000 followers on Instagram and had posted about the importance of making the most out of life in the days before her death.
Allow Instagram content?
This article includes content provided by Instagram. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. To view this content, click ‘Allow and continue’.
“Enjoy this ride on the bullet train that is life,” she wrote in Portuguese. “And even with the speed of the machine blurring the landscape, look out the window – for at any moment, the train will drop you off at the eternal station.”
Organizers of the race expressed their condolences on Saturday.
“We send our deepest sympathies to the family and friends of the athlete and will offer them our support as they go through this very difficult time,” race organizers said in a statement on Saturday. “Our gratitude goes out to the first responders for their assistance.”
-
New York1 hour agoTrump’s Immigration Crackdown Pervades Long Island Suburbs
-
Detroit, MI2 hours agoChris Simms projects Detroit Lions first-round NFL draft pick
-
San Francisco, CA2 hours agoSan Francisco sets $3.4B price tag for public takeover of PG&E
-
Dallas, TX2 hours agoGame Day Guide: Stars at Wild | Dallas Stars
-
Miami, FL2 hours agoMay a steadying presence as Cards hold off Marlins in Miami
-
Boston, MA2 hours agoTyrese Maxey, VJ Edgecombe flex in Boston: Takeaways from Celtics-76ers Game 2
-
Denver, CO2 hours agoMotorcyclist seriously injured in Denver hit-and-run crash – AOL
-
Seattle, WA3 hours agoBrock: 2 drafts fits at edge rusher for Seattle Seahawks