These incidents, though relatively unsophisticated and with limited operational impact, signal ongoing threats from hostile nations and criminal entities.
These incidents, though relatively unsophisticated and with limited operational impact, signal ongoing threats from hostile nations and criminal entities.
Neuberger, an advisor to President Biden on cyber and emerging technology, emphasized the necessity of basic security practices and the importance of "locking our digital doors" to protect against these threats, which are significantly affecting the economy.
The Iranian group known as "Cyber Av3ngers" is suspected of these attacks. Notably, they targeted a municipal water authority in Aliquippa, Pennsylvania, and several other organizations across various states. These entities were chosen for their use of Unitronics' programmable logic controllers, a common choice among water utilities.
The situation escalated when the Aliquippa water authority had to temporarily cease operations at one of its stations, impacting water pressure management for two nearby towns. The hacks, which began around November 22, have further strained U.S.-Iran relations, already tense due to the recent Israel-Hamas conflict.
White House National Security Adviser Jake Sullivan expressed concerns over Iran's involvement in regional conflicts, supplying arms to groups like the Houthi rebels in Yemen and Hamas in Gaza.
While Neuberger refrained from predicting future Iranian cyber activities, she stressed the importance of robust cybersecurity measures. This statement follows the recent repeal of an EPA rule mandating cybersecurity testing for public water systems, a decision that could have exposed vulnerabilities now being exploited.
The administration has been proactive, unveiling comprehensive cybersecurity plans and emphasizing the role of software companies in maintaining security standards. Recent criminal ransomware attacks on healthcare facilities, like the one on Ardent Health Services, further underscore the need for government-industry collaboration in cybersecurity.
The Sophos cybersecurity firm reported a significant increase in ransomware attacks on healthcare organizations over the past year, highlighting the escalating cyber threats. Neuberger concluded by underscoring the administration's commitment to cybersecurity and the necessity for rapid implementation of protective measures by state, local governments, and industries managing critical services.
Sara Montes de Oca is the Editor in Chief of TechEchelon. Previously a correspondent and producer in Washington, D.C., covering business, finance, and politics.
More from Sara →CISA has confirmed active exploitation of CVE-2026-20253, a critical Splunk Enterprise flaw that allows unauthenticated remote attackers to manipulate files, and ordered federal civilian agencies to patch by Sunday under Binding Operational Directive 26-04.
Market intelligence platform Klue has confirmed attackers stole OAuth tokens connected to customer Salesforce environments on June 12, as the newly emerged Icarus extortion group publicly claims responsibility and the list of affected organizations continues to grow.
Human Rights Watch obtained Bulgarian export licensing records showing surveillance firm Circles sold phone-interception and geolocation tools to ten governments — including the UAE, Bahrain, and Azerbaijan — between 2018 and 2023, raising fresh questions about the EU's export control enforcement.
Written for readers who already know the basics — markets, AI, and the policy decisions that shape both.