Connect with us

Texas

Tiny Texas City Repels Russia-Tied Hackers Eyeing Water System

Published

on

Tiny Texas City Repels Russia-Tied Hackers Eyeing Water System


When Mike Cypert got the call that utilities in remote Texas communities were being hacked, he raced across his office to unplug the computer that ran his city’s water system.

Hale Center is a dusty, cotton-growing burg of 2,000 about five hours drive northwest of Dallas. After the alert from a software vendor in January, Cypert, the city manager, said he found thousands of attempts to breach Hale Center’s firewall, some coming from an internet address that traced back to St. Petersburg, Russia.

Within minutes of the discovery, Cypert said he reported the episode to agents from the FBI and US Department of Homeland Security, who were already looking into related incidents in nearby Texas towns. One of the hacks caused a water tank in another city to overflow.

The attacks in Texas are the latest example of hackers — some of them tied to US adversaries — targeting America’s sprawling network of water utilities. In November, an Iranian-backed group attacked Israeli-made digital controls commonly used in the water and wastewater industries in the US, affecting organizations across several states. That same month, the North Texas Municipal Water District, which supplies water to more than 2 million customers, was the victim of a ransomware attacks.

Advertisement

Chinese state-sponsored hackers also attacked a water utility in Hawaii, the Washington Post reported in December.

“The water sector is poorly resourced and is under siege from three fronts. This is now Iran, China and Russia,” said John Hultquist, chief analyst at Mandiant Intelligence.

A spokesperson for the FBI declined to comment. The Department of Homeland Security didn’t immediately respond to a request for comment.

Read More: Iranian-Linked Hacks Expose Failure to Safeguard US Water System

Researchers at Mandiant, a unit of Google Cloud, found potential connections between the attacks on water utilities in Texas and one of Russia’s most notorious hacking groups, known as Sandworm. The group has been accused of repeatedly turning out the lights in Ukraine and hacking the 2018 Olympics Opening Games in South Korea. The US government says it is part of Russia’s military spy agency, but the ties between Sandworm and the Texas attacks are less than certain. “We’ve never seen them cross the line in the US like this before,” Hultquist said.

Advertisement

Among the other victims of the recent hacks was the city of Muleshoe, a 5,000-person community in northwest Texas. A resident called the city on January 18 to report a water tank overflowing. City staff found that they’d largely lost control of the system, took it offline and called the company that provides Muleshoe’s industrial control software, City Manager Ramon Sanchez said at a public meeting the next month that was covered by the Plainview Herald. The vendor told city officials that other area communities were seeing similar problems, Sanchez said at the meeting.

Sanchez didn’t respond to messages seeking comment.

That same day, a social media account called “CyberArmyofRussia_Reborn” posted a video that appears to show hackers manipulating Muleshoe’s industrial control system. Mandiant and other cybersecurity researchers believe Sandworm created and control CyberArmyofRussia_Reborn, which Hultquist described as a hacktivist persona. It’s possible that other cyber attackers are using its platforms, he said.

Andy Bennett, the chief technology officer of cybersecurity firm Apollo Information Systems, said there are various reasons why hackers might target small-town water systems. They could provide a “testing ground” for hacking tools intended for bigger targets, he said, or give foreign countries a way to scare Americans.

“Small-town America feels safe,” said Bennett, a former cybersecurity official for the state of Texas,”and if the water supply is in jeopardy, it undoes that.”

Advertisement

US intelligence officials are still debating whether Sandworm was involved in the Texas water utility breaches, according to people familiar with the situation who didn’t want to be named due to the sensitivities.

The Russian Embassy in Washington declined to comment.

US officials are especially worried about attacks by nation-state hackers on critical sectors of the US economy, like defense, dams, energy, financial services and water systems. Last year, the Environmental Protection Agency dropped plans to require states to assess water facilities’ cyber defenses. Republican lawmakers in three states called the oversight illegal, accusing the EPA of overreach. The White House said it would work with Congress to beef up the environmental watchdog’s authority.

The attacks on Texas utilities targeted at least two other communities. In Abernathy, hackers entered through a virtual network connection, but city staff caught them within 30 seconds and cut off the attackers as they were trying to change passwords, City Manager Donald Provost told Bloomberg News. Lockney’s city manager, Buster Poling, Jr., said his staff also caught the attack early and that it “really did not affect the city.”

Hale Center’s Cypert said he learned that other towns had been attacked when the city’s industrial control software vendor called telling them to “lock down.” Hale Center uses the same vendor as Muleshoe and a handful of other area communities, he said.

Advertisement

When the warning came in, Cypert said he rushed to unplug the ethernet cable from the computer that operates the water system. Hale Center wasn’t breached, but Cypert said in reviewing its security, the city’s IT contractor found what appeared to be a brute force attempt to crack Hale Center’s firewall — 37,000 tries in four days.

The attempts on Hale Center’s firewall came from IP addresses around the world but one was repeated over and over, Cypert said. The investigation traced it back to St. Petersburg and the city’s industrial control vendor, Morgeson Consulting in Lubbock, quickly got Cypert on a conference call with FBI agents already investigating the Muleshoe attack, he said.

Morgeson Consulting’s owner didn’t immediately respond to an email seeking comment.

Cypert said he later sent the FBI data from the attempts on its firewall. The city’s IT contractor, Ben Warren, also walked the investigators through some of the technical details, he said. The agents were impressed by Warren’s technical acumen and offered the city manager a piece of advice, Cypert recalled.

“Hang on to him,” they said, referring to Warren.

Advertisement

Copyright 2024 Bloomberg.

Topics
Cyber
Texas
Russia



Source link

Advertisement
Continue Reading
Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Texas

Isolated strong storms and widespread showers head for North Texas

Published

on

Isolated strong storms and widespread showers head for North Texas


Isolated strong storms and widespread showers head for North Texas – CBS Texas

Watch CBS News


A First Alert has been issued for Monday as a potent cold front passes through the area, bringing the chance of isolated strong storms and widespread showers. The strongest activity is forecast to move through by the afternoon commute.

Advertisement

Be the first to know

Get browser notifications for breaking news, live events, and exclusive reporting.




Source link

Advertisement
Continue Reading

Texas

Former Georgia cornerback has committed to Texas A&M

Published

on

Former Georgia cornerback has committed to Texas A&M


Texas A&M’s transfer portal success continued on Sunday as the Aggies gained their third commitment after landing quarterback Jacob Zeno and tight end Micah Riley earlier this week.

To some surprise, things became official early in the day, as 247Sports’ Matt Zenitz confirmed that former Georgia cornerback Julian Humphrey would transfer to Texas A&M.

On Saturday, Texas A&M recruiting insider Jaxson Callaway stated that Humphrey had narrowed his transfer options and planned to announce his commitment on Friday, Dec. 20. Well, things change in an instant, and coach Mike Elko and his defensive staff have picked up an instant starter for 2025.

Last offseason, Humphrey nearly transferred to Texas A&M but opted to return to Georgia for a final year. During the 2024 season, Humphrey recorded 11 tackles and four pass deflections, ending the year with a 69 coverage grade, according to Pro Football Focus. He is the third-ranked cornerback on the portal.

Advertisement

A native of Webster, Texas, Humphrey’s hometown is only two hours away from College Station, as the incoming junior will be an immediate contributor within an experienced cornerback rotation looking to take the next step in 2025.

Contact/Follow us @AggiesWire on X and like our page on Facebook to follow ongoing coverage of Texas A&M news, notes and opinions. Follow Cameron on X: @CameronOhnysty.





Source link

Advertisement
Continue Reading

Texas

Texas man gets 100 years for interstate shooting spree that killed one, injured others

Published

on

Texas man gets 100 years for interstate shooting spree that killed one, injured others


A Las Vegas judge has sentenced a Texas man to 100 years in prison for his role in a two-state shooting on Thanksgiving 2020 in which he killed a man in Nevada and engaged in a shootout with law enforcement in Arizona.

Christopher McDonnell, 32, of Tyler, Texas, pleaded guilty in October to more than 20 felonies, including murder, attempted murder, murder conspiracy, weapon charges and being a felon illegally in possession of a firearm.

Clark County District Judge Tierra Jones sentenced him on Friday to a minimum of 100 years in prison, KLAS-TV reported. Although unlikely to be alive by then, he would be eligible for parole in 2120 with credit for time served.

LAS VEGAS MAN WHO JUMPED A DESK TO ATTACK JUDGE IN COURTROOM SENTENCED TO AT LEAST 26 YEARS IN PRISON

Advertisement

Christopher McDonnell, 32, of Tyler, Texas, pleaded guilty in October to more than 20 felonies. (Henderson Police Department via AP)

McDonnell, his brother Shawn McDonnell, 34, and Shawn McDonnell’s then-wife Kayleigh Lewis, 29, were originally slapped with dozens of charges.

The three of them began an 11-hour rampage on Nov. 26, 2020, when they carried out what appeared to be random shootings that killed Kevin Mendiola Jr., 22, at a convenience store in Henderson, Nevada, and wounded several other people with drive-by gunfire.

EXONERATED WOMAN AWARDED $34M AFTER JURY FINDS LAS VEGAS POLICE FABRICATED EVIDENCE IN 2001 KILLING

Jail

Christopher McDonnell would be eligible for parole in 2120 with credit for time served. (iStock)

The group then traveled across the state border to Arizona, where they carried out additional shootings, including one involving a police officer.

Advertisement

The three accused criminals were arrested after their car rolled over.

Prosecutors said Lewis was driving as the two brothers fired indiscriminately out of the windows of the vehicle.

Jail cell

Clark County District Judge Tierra Jones sentenced Christopher McDonnell to a minimum of 100 years in prison. (iStock)

CLICK HERE TO GET THE FOX NEWS APP

The shooting rampage ended near Parker, Arizona, following a pursuit involving officers from the Arizona Department of Public Safety, a car crash of a vehicle with a Texas license plate and Shawn McDonnell suffering wounds from troopers carrying rifles, according to police.

Shawn McDonnell and Lewis are still awaiting trial.

Advertisement

The Associated Press contributed to this report.



Source link

Continue Reading

Trending