Cal Water Finds No Evidence of OT Activity After Hackers Claimed They Could Disrupt Water Supply

Summary

The Iranian hacker group Handala claimed to have disrupted the water supply of the California water utility Cal Water through a cyberattack. However, an investigation conducted by Cal Water with assistance from Mandiant found no evidence of operational technology (OT) activity being affected or disrupted.

IFF Assessment

FRIEND

Cal Water's investigation, supported by Mandiant, found no evidence that the attackers disrupted operational technology, despite their claims, indicating a successful defensive response or a failed attack on critical systems.

Defender Context

This incident underscores the ongoing threat to critical infrastructure from nation-state-linked groups and the importance of robust incident response capabilities, especially when dealing with claims of OT compromise. Defenders should focus on enhancing OT/IT convergence security, maintaining strong network segmentation, and having third-party expert support for incident investigation to accurately assess attacker capabilities versus claims.
