A coalition of federal agencies on Thursday warned that hackers are targeting the water and wastewater treatment sectors, strongly recommending that organizations take steps to protect themselves.
In a joint advisory, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), the Environmental Protection Agency (EPA) and the National Security Agency (NSA) warned of “ongoing malicious cyber activity—by both known and unknown actors—targeting the information technology (IT) and operational technology (OT) networks, systems, and devices of U.S. Water and Wastewater Systems (WWS) Sector facilities.”
“This activity — which includes attempts to compromise system integrity via unauthorized access — threatens the ability of WWS facilities to provide clean, potable water to, and effectively manage the wastewater of, their communities,” the agencies wrote in the advisory.
The agencies noted that targeting of the water and wastewater sectors had not increased, but that “cyber threats across critical infrastructure sectors are increasing.”
The advisory highlighted threats to water and wastewater sectors from phishing emails to personnel containing dangerous attachments or links, and the exploitation by hackers of outdated systems used by many organizations.
The agencies recommended that to protect against ransomware and other attacks, facilities should “use a risk-informed analysis to determine the applicability of a range of technical and non-technical mitigations to prevent, detect, and respond to cyber threats.”
The advisory was put out following a difficult year in cybersecurity for critical infrastructure groups, particularly for the water sector.
In February, a hacker breached and unsuccessfully attempted to poison the water supply of the town of Oldsmar, Fla., while, according to the advisory, ransomware attacks throughout this year affected water sector organizations in Maine, Nevada and California.
Eric Goldstein, the executive assistant director for Cybersecurity at CISA, pointed Thursday to concerns over heightened ransomware attacks against critical organizations in emphasizing the need for owners and operators of water sector groups to protect themselves.
”Recent ransomware incidents and ongoing threats demonstrate why all critical infrastructure owners and operators should make cybersecurity a top priority,” Goldstein said in a statement provided to The Hill. “While vulnerabilities within the Water Sector are comparable to vulnerabilities observed across many other sectors, the criticality of water and wastewater infrastructure and recent intrusions impacting the sector reflect the need for continued focus and investment.”
“The battle against ransomware doesn’t start the day a cyber incident occurs,” he added. “It begins long before that with the proactive measures detailed in this joint advisory and at StopRansomware.gov that every owner and operator must take to address security gaps and protect the communities they serve.”