Water and wastewater (WWS) facilities are under attack, along with the recent increase in critical infrastructure cyberattacks. A joint statement from the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Agency (CISA), the Environmental Protection Agency (EPA) and the National Security Agency (NSA) details recent attacks and what WWS systems can do to bolster their cyber defense.
CISA, the Federal Bureau of Investigation, the Environmental Protection Agency, and the National Security Agency have released a joint Cybersecurity Advisory that details ongoing cyber threats to U.S. Water and Wastewater Systems Sector.
Cybercriminals have targeted the Bay Area water supply. Similar to the Oldsmar water treatment attack in Florida, the threat actor used legitimate credentials to break into remote access tool TeamViewer. After logging in, they deleted programs that the plant used to treat drinking water.
Attacks on water systems can come in various forms, not only from pure physical threats. Having a strong and diligent workforce that emphasizes security and basic methods of cyber protection is imperative.