CybersecuritySecurity NewswireSecurity Leadership and ManagementSecurity & Business ResilienceAccess ManagementCybersecurity NewsInfrastructure:Electric,Gas & WaterGovernment: Federal, State and Local

US water and wastewater systems targeted by cybercrime

By Madeline Lauver
Wastewater treatment facility
October 29, 2021

A joint statement from the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Agency (CISA), the Environmental Protection Agency (EPA) and the National Security Agency (NSA) alerts U.S. water and wastewater (WWS) facilities to ongoing cyber threats to the sector. 

Cyber threats to WWS facilities

The joint alert highlighted the threats of spearphishing and ransomware, insider risk and outdated operating systems and software to WWS facilities. The FBI, CISA, EPA and NSA noted the following cyberattacks on WWS systems that took place between 2019 and early 2021:

  • California: Cyber actors attacked a WWS facility with Ghost variant ransomware, which was discovered after a month, when ransomware messages were displayed across three supervisory control and data acquisition (SCADA) servers.
  • Maine: Cyberattackers remotely introduced ZuCaNo ransomware onto a wastewater SCADA computer, resulting in the wastewater treatment facility being run manually until the computer was secure.
  • Nevada: Unknown ransomware affected a facility's SCADA and backup systems.
  • New Jersey: Staff found that potential Makop ransomware had compromised files in a WWS facility's system.
  • Kansas: A former employee unsuccessfully tried to threaten drinking water safety by using their unrevoked user credentials. 

How WWS facilities can protect themselves

The joint alert suggests multiple mitigation strategies for WWS facilities to reduce their risk of cyberattack, including threat monitoring, using blocklisting and allowlisting to control remote employee access, reviewing and testing emergency response plans and more. Instituting multi-factor authentication, strong passwords, securing remote desktop protocol and avoiding suspicious links were all listed as suggestions for WWS systems to implement immediately.

The report highlighted that cyberattacks on critical infrastructure are on the rise, noting that WWS systems are not being attacked at a higher rate compared to other critical infrastructure sectors. Read the alert for more information on the threats and cyber risk mitigation tools.

KEYWORDS: critical infrastructure cybersecurity cyber defense cyber security investigation insider threats phishing attack ransomware water utilties security

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Madeline Lauver is a former Editor in Chief at Security magazine. Within her role at Security, Lauver focused on news articles, web exclusives, features and several departments for Security’s monthly digital edition, as well as managing social media and multimedia content.

Related Articles

Related Products

See More ProductsSee More Products

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!