U. S. water utilities should take a number of defense measures, according to CISA, the FBI, and the Environmental Protection Agency ( EPA ), to better protect their systems from cyberattacks.
The top eight steps U.S. Water and Wastewater Systems ( WWS ) sector organizations can take to lower cyberattack risks and strengthen their defenses against malicious activity are outlined in the fact sheet they released today. Additionally, it provides information on how these defense measures can be supported by free services, resources, and tools.
All WWS Sector and critical infrastructure organizations are urged to review the fact sheet and put the measures in place to increase resilience to cyber threat activity by the CISA, EPA, and FBI, according to the organizations.
” Entities should contact EPA and/or their regional CISA cybersecurity advisor for assistance if they need additional support to carry out any of the actions listed in the fact sheet.”
Water utilities are advised to conduct routine cybersecurity assessments to identify the current vulnerabilities within OT and IT systems in order to lessen exposure of important assets ( such as controllers and remote terminal units ) to the public-facing internet.
Additionally, they should implement multifactor authentication ( MFA ) whenever possible, create inventories of OT/IT assets to better understand how they are attacked, and regularly backup these systems to facilitate recovery after a breach.
Additionally, it is advised that WWS facilities develop and use cybersecurity incident response and recovery plans for quicker response times in the event of a compromise, patch or mitigate known vulnerabilities to stop exploitation attempts, and hold yearly cybersecurity awareness training sessions to educate staff on how to prevent and respond to cyberattacks.
Attack on critical water infrastructure worldwide
Cyberattacks have frequently targeted water facilities in recent years, jeopardizing critical infrastructure security and posing safety concerns for the general public.
Veolia North America and the United Kingdom’s Southern Water are two water treatment companies that have experienced ransomware breaches since the beginning of the year, forcing them to shut down systems to contain the breaches.
To assist defenders in securing water utilities, CISA, the FBI, and the EPA have published an incident response guide.
A free security scan program was also made available by the U.S. cybersecurity agency in September to aid in the detection of security flaws and the protection of systems from cyberattacks in critical infrastructure like water utilities.
Although potable water safety for nearby communities remained unaffected, CISA issued a warning in November that hackers had broken in and taken advantage of vulnerable Unitronics programmable logic controllers ( PLCs ).
Multiple breaches that resulted in the deployment of Ghost, ZuCaNo, and Makop ransomware have had an impact on U.S. Water and Wastewater Systems ( WWS ) facilities in recent years.
These ransomware attacks affected Pennsylvania’s water system in May 2021, the Southern California Camrosa Water District in August 2020, and the South Houston wastewater treatment plan in 2011.