Texas
Tiny Texas City Repels Russia-Tied Hackers Eyeing Water System
When Mike Cypert got the call that utilities in remote Texas communities were being hacked, he raced across his office to unplug the computer that ran his city’s water system.
Hale Center is a dusty, cotton-growing burg of 2,000 about five hours drive northwest of Dallas. After the alert from a software vendor in January, Cypert, the city manager, said he found thousands of attempts to breach Hale Center’s firewall, some coming from an internet address that traced back to St. Petersburg, Russia.
Within minutes of the discovery, Cypert said he reported the episode to agents from the FBI and US Department of Homeland Security, who were already looking into related incidents in nearby Texas towns. One of the hacks caused a water tank in another city to overflow.
The attacks in Texas are the latest example of hackers — some of them tied to US adversaries — targeting America’s sprawling network of water utilities. In November, an Iranian-backed group attacked Israeli-made digital controls commonly used in the water and wastewater industries in the US, affecting organizations across several states. That same month, the North Texas Municipal Water District, which supplies water to more than 2 million customers, was the victim of a ransomware attacks.
Chinese state-sponsored hackers also attacked a water utility in Hawaii, the Washington Post reported in December.
“The water sector is poorly resourced and is under siege from three fronts. This is now Iran, China and Russia,” said John Hultquist, chief analyst at Mandiant Intelligence.
A spokesperson for the FBI declined to comment. The Department of Homeland Security didn’t immediately respond to a request for comment.
Read More: Iranian-Linked Hacks Expose Failure to Safeguard US Water System
Researchers at Mandiant, a unit of Google Cloud, found potential connections between the attacks on water utilities in Texas and one of Russia’s most notorious hacking groups, known as Sandworm. The group has been accused of repeatedly turning out the lights in Ukraine and hacking the 2018 Olympics Opening Games in South Korea. The US government says it is part of Russia’s military spy agency, but the ties between Sandworm and the Texas attacks are less than certain. “We’ve never seen them cross the line in the US like this before,” Hultquist said.
Among the other victims of the recent hacks was the city of Muleshoe, a 5,000-person community in northwest Texas. A resident called the city on January 18 to report a water tank overflowing. City staff found that they’d largely lost control of the system, took it offline and called the company that provides Muleshoe’s industrial control software, City Manager Ramon Sanchez said at a public meeting the next month that was covered by the Plainview Herald. The vendor told city officials that other area communities were seeing similar problems, Sanchez said at the meeting.
Sanchez didn’t respond to messages seeking comment.
That same day, a social media account called “CyberArmyofRussia_Reborn” posted a video that appears to show hackers manipulating Muleshoe’s industrial control system. Mandiant and other cybersecurity researchers believe Sandworm created and control CyberArmyofRussia_Reborn, which Hultquist described as a hacktivist persona. It’s possible that other cyber attackers are using its platforms, he said.
Andy Bennett, the chief technology officer of cybersecurity firm Apollo Information Systems, said there are various reasons why hackers might target small-town water systems. They could provide a “testing ground” for hacking tools intended for bigger targets, he said, or give foreign countries a way to scare Americans.
“Small-town America feels safe,” said Bennett, a former cybersecurity official for the state of Texas,”and if the water supply is in jeopardy, it undoes that.”
US intelligence officials are still debating whether Sandworm was involved in the Texas water utility breaches, according to people familiar with the situation who didn’t want to be named due to the sensitivities.
The Russian Embassy in Washington declined to comment.
US officials are especially worried about attacks by nation-state hackers on critical sectors of the US economy, like defense, dams, energy, financial services and water systems. Last year, the Environmental Protection Agency dropped plans to require states to assess water facilities’ cyber defenses. Republican lawmakers in three states called the oversight illegal, accusing the EPA of overreach. The White House said it would work with Congress to beef up the environmental watchdog’s authority.
The attacks on Texas utilities targeted at least two other communities. In Abernathy, hackers entered through a virtual network connection, but city staff caught them within 30 seconds and cut off the attackers as they were trying to change passwords, City Manager Donald Provost told Bloomberg News. Lockney’s city manager, Buster Poling, Jr., said his staff also caught the attack early and that it “really did not affect the city.”
Hale Center’s Cypert said he learned that other towns had been attacked when the city’s industrial control software vendor called telling them to “lock down.” Hale Center uses the same vendor as Muleshoe and a handful of other area communities, he said.
When the warning came in, Cypert said he rushed to unplug the ethernet cable from the computer that operates the water system. Hale Center wasn’t breached, but Cypert said in reviewing its security, the city’s IT contractor found what appeared to be a brute force attempt to crack Hale Center’s firewall — 37,000 tries in four days.
The attempts on Hale Center’s firewall came from IP addresses around the world but one was repeated over and over, Cypert said. The investigation traced it back to St. Petersburg and the city’s industrial control vendor, Morgeson Consulting in Lubbock, quickly got Cypert on a conference call with FBI agents already investigating the Muleshoe attack, he said.
Morgeson Consulting’s owner didn’t immediately respond to an email seeking comment.
Cypert said he later sent the FBI data from the attempts on its firewall. The city’s IT contractor, Ben Warren, also walked the investigators through some of the technical details, he said. The agents were impressed by Warren’s technical acumen and offered the city manager a piece of advice, Cypert recalled.
“Hang on to him,” they said, referring to Warren.
Copyright 2024 Bloomberg.
Topics
Cyber
Texas
Russia
A North Texas man reported missing earlier this week was found dead Friday, and police say a co‑worker has confessed to fatally shooting him and stealing his car.
The suspect, Gregory D. Lewis, 34, remains in custody and faces a forthcoming capital murder charge, according to the Fort Worth Police Department.
Lewis is accused of killing 31‑year‑old Thomas King, who had been last seen in his Taco Casa work uniform. King was reported missing on Tuesday after failing to return home Monday from the fast‑food restaurant in the 1100 block of Bridgewood Drive.
Car found at Arlington motel
Police said King’s car was found at the Quality Inn on I‑20 in Arlington, and surveillance video showed Lewis arriving in King’s vehicle shortly after King left work.
Detectives identified the man in the video and arrested him on unrelated charges.
Body discovered on Fort Worth’s East Side
King’s body was located on Friday in an open field on Fort Worth’s East Side, authorities said.
According to police, Lewis confessed to shooting the victim and stealing his car.
Medical examiner review pending
The Tarrant County Medical Examiner will determine the cause of death.
CBS News Texas has reached out to Taco Casa for comment.
Texas
Exclusive | Mexican mayor urged relatives in US to vote for Texas Dem for Congress who would ‘take care’ of their city
WASHINGTON — A Mexican mayor earlier this month urged her constituents to get their relatives in Texas to vote for House Democratic candidate Bobby Pulido because he would “take care” of their city if elected to Congress.
“We need to get out the vote for him,” said Patricia Frinee Cantú Garza, mayor of General Bravo in Nuevo León, less than two hours from the US border, in a recent Spanish-speaking Facebook reel,which The Post reviewed and translated.
“Talk to your families in the United States. Make sure they go vote,” Garza added, noting that she would be presenting the keys to the city to Pulido, a two-time Latin Grammy winner, on April 3.
“When he becomes a congressman,” she also said, “we want him to take care of Bravo.”
The city ceremony celebrating Pulido in General Bravo never received enough funding and was cancelled, the Mexican outlet El Norte reported.
Pulido has headlined concerts in General Bravo as recently as November 2023. Local officials promoted the show and the current mayor and her husband, then-mayor Edgar Cantu Fernandez, appeared.
“Bobby doesn’t know the mayor and has never met her,” a Pulido campaign spokesperson said in a statement. “He declined the invitation, didn’t attend the event, and isn’t responsible for unsolicited comments made by other people.”
Bradley Smith, a former chairman of the Federal Election Commission, said the statements wouldn’t pose legal or ethical issues for Pulido — but that the remarks may have a political cost, given the focus on foreign involvement in US elections in recent years.
“If you were making financial contributions, that would be a different thing, but just to exhort people to vote,” Smith said, “I don’t think that’s going to be a problem for them.”
Jessica Furst Johnson, a partner at the Republican-aligned campaign finance and election law firm Lex Politica, noted that event appeared to function as an in-kind contribution to Pulido’s campaign but it would be difficult to determine without “more details.”
Congressional Republicans have thus far failed to pass a bill this session aimed at beefing up identification requirements for voters when registering, though many have said laws as currently written are too lax and could lead to non-citizens casting ballots.
State investigations and audits have shown in recent years that thousands of non-citizens ended up being registered, but few have ever illegally voted. Those who have are federally prosecuted.
Pulido is challenging incumbent GOP Rep. Monica De La Cruz in the Texas district this November and has faced questions from the press about his ties to Mexico, where he has said he maintains a home for parts of the year.
The Latino music star admitted to splitting time with his family between there and Texas just two years before launching his campaign, telling a YouTube show in a 2023 interview that he’s a “summer Mexican” but “winter Texan.”
“We live on the border,” he has also said. “My wife and I have a house in Mexico. So, we travel there, and we spend time over there.”
There was no indication of a current mortgage on a property either there or in the US, according to financial disclosures that Pulido filed April 15 with the House. Those filings also revealed he holds a checking account at a Mexican bank.
“Bobby lives in his family home in Edinburg, Texas, where he was born, raised, and is raising his own family,” the Pulido campaign rep noted. “He is in complete compliance with all House disclosure rules — the property you are referencing is not his primary residence so is not required to be listed.”
AUSTIN, Texas — Criticism is mounting over the threat to withhold public safety grants from Austin and other major Texas cities, with opponents arguing the move is politically motivated as both the governor and attorney general seek office this year.
“Defunding the public safety for political reasons was wrong when the Democrats did it; still wrong when the Republicans do it,” the former executive director of the Combined Law Enforcement Associations of Texas, Charley Wilkison, wrote on X.
Criticism is mounting over the threat to withhold public safety grants from Austin and other major Texas cities, with opponents arguing the move is politically motivated as both the governor and attorney general seek office this year. (Photo: CBS Austin)
The statement came hours after Governor Greg Abbott threatened to cut $2.5 million in public safety funding to Austin. The governor expressed opposition to Austin’s decision to update its policy governing how police handle administrative warrants used by U.S. Immigration and Customs Enforcement in immigration detentions.
“The city has updated its general orders to align with state and federal law and also to protect the Fourth Amendment of Austin residents who should be free from unlawful search and seizure,” said Austin City Councilmember Mike Siegel.
ALSO| Gov. Abbott threatens to withhold $2.5 million from Austin regarding APD ICE policies
KEYE
Houston and Dallas are also facing similar threats from the governor.
“The statement from the governor’s office was really disappointing and frankly it’s wrong on the law and it’s wrong on what’s good for public safety,” Siegel said.
In a statement provided in response to a request for an interview, the Combined Law Enforcement Associations of Texas said, “Law enforcement officers continue to be dragged into political warfare while real public safety issues are ignored.”
The president of the Austin Police Association did not respond to a request for comment regarding the potential impact on officers.
A request for comment to the governor’s office received a previously issued statement from Abbott’s press secretary, which read: “A city’s failure to comply with its contract agreement with the state to assist in the enforcement of immigration laws makes the state less safe. It can have deadly consequences. Cities in Texas are expected to make the streets safer, not more deadly.”
Siegel defended the city council’s position, stating, “I can speak for myself as one of 11 voting members of our city council. We’re not going to sell our values for a couple million dollars in public safety grants.”
-
News21 minutes agoReal estate investors are buying up long-term care facilities. Residents can suffer
-
Detroit, MI2 hours agoFormer Piston shows Detroit what they’re missing as he dominates next to LeBron
-
San Francisco, CA3 hours agoEastbound I-80 closure in San Francisco snarls traffic, slows business
-
Videos3 hours agoCan Keir Starmer survive the latest Mandelson revelations? | BBC News
-
Dallas, TX3 hours agoPetar Musa’s Brace Not Enough as FC Dallas Draws LA Galaxy 2-2
-
Miami, FL3 hours agoMLS: Messi double helps Inter Miami slay Rapids in front of huge crowd
-
Boston, MA3 hours agoFrom across Boston they flock to play for Latin Academy boys’ tennis, a co-op of 29 schools – The Boston Globe
-
Denver, CO3 hours agoDale Kistler Obituary | The Denver Post