It's totally true.
You avoid it by not connecting your PLC to the Internet via port forwarding port 20256 on your router. Connect to the PLC via a VPN.
Joe T.
https://www.bleepingcomputer.com/news/security/hackers-breach-us-water-facility-via-exposed-unitronics-plcs/
Is this true? and how does one avoid this
Ron
Saw this today while taking a breather after completing our VPN transition:
https://www.msn.com/en-us/news/technology/suspected-iranian-cyberattack-on-key-us-infrastructure-probed-by-security-agency/ar-AA1kNaqW?cvid=574519f6e11441188c139bf181aca0e2&ocid=winp2fptaskbarent&ei=103&sc=shoreline