American water treatment utilities are increasingly being targeted by threat actors. You may recall that on Friday afternoon’s Week in Review podcast, I reported that a hacking group believed to be from Iran called CyberAv3ngers claimed credit for taking control of the internet-connected system of a municipal water authority in Pennsylvania. It is believed this group targeted the utility because of a vulnerability in a programmable logic controller it uses from an Israeli company called Unitronics.