U.S. water and wastewater systems targeted by cybercrime

Cyber threats to WWS facilities

The joint alert highlighted the threats of spearphishing and ransomware, insider risk and outdated operating systems and software to WWS facilities. The FBI, CISA, EPA and NSA noted the following cyberattacks on WWS systems that took place between 2019 and early 2021:

California: Cyber actors attacked a WWS facility with Ghost variant ransomware, which was discovered after a month, when ransomware messages were displayed across three supervisory control and data acquisition (SCADA) servers.
Maine: Cyberattackers remotely introduced ZuCaNo ransomware onto a wastewater SCADA computer, resulting in the wastewater treatment facility being run manually until the computer was secure.
Nevada: Unknown ransomware affected a facility's SCADA and backup systems.
New Jersey: Staff found that potential Makop ransomware had compromised files in a WWS facility's system.
Kansas: A former employee unsuccessfully tried to threaten drinking water safety by using their unrevoked user credentials.

How WWS facilities can protect themselves

The joint alert suggests multiple mitigation strategies for WWS facilities to reduce their risk of cyberattack, including threat monitoring, using blocklisting and allowlisting to control remote employee access, reviewing and testing emergency response plans and more. Instituting multi-factor authentication, strong passwords, securing remote desktop protocol and avoiding suspicious links were all listed as suggestions for WWS systems to implement immediately.

The report highlighted that cyberattacks on critical infrastructure are on the rise, noting that WWS systems are not being attacked at a higher rate compared to other critical infrastructure sectors. Read the alert for more information on the threats and cyber risk mitigation tools.

Madeline Lauver is the Editor in Chief of Security magazine. Lauver joined Security in 2021 as its Assistant Editor, and she covers news affecting enterprise security leaders, including physical security, cybersecurity, leadership and management, risk and resilience and more. Within her role at Security, Lauver focuses on news articles, web exclusives, features and several departments for Security’s monthly digital edition, as well as managing social media and multimedia content. Lauver graduated in 2019 with a B.A. in English, German and Media Studies from Kalamazoo College.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.

US water and wastewater systems targeted by cybercrime

Cyber threats to WWS facilities

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.

US water and wastewater systems targeted by cybercrime

Cyber threats to WWS facilities

Share This Story

Related Articles

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.