US’ Water Facilities Are in Danger, Says White House

water facility, water, facility, sewage, wastewater system

The White House and Environmental Protection Agency (EPA) are sounding the alarm over a spike in cyberattacks targeting water facilities and wastewater systems nationwide.

  • Recent incidents highlight the vulnerability of critical infrastructure to malicious cyber activity.
  • Federal agencies are mobilizing efforts to address cybersecurity challenges within the water sector.

The White House and Environmental Protection Agency (EPA) are warning U.S. governors of an increase in cyberattacks targeting water and wastewater systems across the country.

In a joint letter released on Tuesday, EPA Administrator Michael Regan and National Security Advisor Jake Sullivan urged state officials to reinforce cybersecurity measures to safeguard critical infrastructure.

They point out the increasing cyber threats facing the nation’s water sector, which have the potential to compromise the supply of clean and safe drinking water.

“These attacks have the potential to disrupt the critical lifeline of clean and safe drinking water, as well as impose significant costs on affected communities,” wrote Regan and Sullivan.

They also bring up recent incidents involving hackers affiliated with the Iranian Government Islamic Revolutionary Guard Corps (IRGC) and a state-sponsored Chinese cyber group known as Volt Typhoon. The former exploited vulnerabilities in the operational technology of water facilities, where those responsible “had neglected to change a default manufacturer password.” Meanwhile, the latter compromised information technology systems across critical infrastructure sectors. According to the letter, Volt Typhoon is “pre-positioning themselves to disrupt critical infrastructure operations in the event of geopolitical tensions and/or military conflicts.”

To address the cybersecurity challenges facing the water sector, federal agencies, including the EPA and the Cybersecurity and Infrastructure Security Agency (CISA), are mobilizing teams. In fact, the EPA will establish a Water Sector Cybersecurity Task Force. This initiative aims to identify key vulnerabilities within water systems and develop comprehensive strategies to boost resilience against cyber threats.

In a meeting happening soon, state and federal officials will discuss strategies for enhancing digital defenses and mitigating cyber risks. Despite these efforts, the water sector faces multiple challenges.

One, water treatment and distribution systems are increasingly reliant on digital controls and monitoring.

Two, many water utilities have an aging infrastructure that was not designed with cybersecurity in mind. Upgrading these systems to incorporate modern security features can be expensive and time-consuming.

Three, water utilities also collect and store a lot of data, such as customer information and system performance data. A cyberattack could compromise this data, leading to identity theft or other problems.

Will the measures protect this attractive target?

Inside Telecom provides you with an extensive list of content covering all aspects of the Tech industry. Keep an eye on our Cryptocurrency section to stay informed and updated with our daily articles.