TL/DR –
The Environmental Protection Agency (EPA) has issued an alert regarding the increasing frequency and severity of cyberattacks against water utilities in the US. The agency reported that around 70% of utilities inspected last year violated standards meant to prevent such breaches. Iran, Russia, and China were identified as nations actively attempting to disable critical US infrastructure, including water and wastewater facilities; meanwhile, smaller water systems and communities are often targeted in cyberattacks by groups affiliated with these countries.
Cyberattacks on Water Utilities Escalating, Warns EPA
The Environmental Protection Agency (EPA) issued a warning about the increasing frequency and severity of cyberattacks on water utilities nationwide. The alert calls for immediate action to protect the nation’s drinking water.
Approximately 70% of utilities inspected violate standards designed to prevent breaches, according to the EPA. Even small water systems have been urged to improve their defenses, with recent cyberattacks traced back to Russian and Iranian groups, targeting smaller communities.
The EPA highlighted basic failures such as not changing default passwords or removing system access for ex-employees. Due to the reliance on computer software for operating treatment plants and distribution systems, protecting IT and process controls is vital. Cyberattacks could disrupt water treatment and storage, damage equipment, and alter chemical levels to dangerous amounts.
Increasingly, attackers are not merely defacing websites but targeting utilities’ operations. Hacks are linked to geopolitical rivals, potentially disrupting the supply of safe water. EPA Deputy Administrator Janet McCabe highlighted that China, Russia, and Iran are actively seeking the capability to disable U.S. critical infrastructure, including water and wastewater.
Recent attacks include the Iran-affiliated “Cyber Av3ngers” targeting numerous organizations, including a Pennsylvania town’s water provider. A Russian-linked group also attempted to disrupt operations at several Texas utilities.
Furthermore, the China-linked cyber group Volt Typhoon has compromised the IT of numerous critical infrastructure systems, including drinking water, in the U.S. Cybersecurity experts suggest the group is preparing for potential cyberattacks amid geopolitical tensions.
The EPA is stressing the severity of cyber threats and promising to continue inspections. Serious issues could lead to civil or criminal penalties. The EPA is engaging in efforts to prevent attacks on water providers, aligning with the Biden administration’s bid to combat threats against critical infrastructure.
The water sector faces foundational challenges, with roughly 50,000 water providers, mostly serving small towns. Limited budgets and staffing make it hard to maintain basic services and keep up with evolving regulations, let alone develop robust cybersecurity defenses.
After a legal challenge, the EPA withdrew its requirements for states to add cybersecurity evaluations to their periodic water provider performance reviews. The Safe Drinking Water Act requires certain water providers to develop threat plans, but its power is limited. Without substantial federal funding, water systems struggle to find resources for cybersecurity.
The industry advocates for a new organization of cybersecurity and water experts to develop and enforce policies in partnership with the EPA. This new body would help all utilities, regardless of their size and resources, to improve their cybersecurity defenses.
—
Read More US News