Cyber Threats to Water Sector Highlighted in Federal Alert
The Cybersecurity and Infrastructure Agency (CISA) published an alert on October 14 to highlight ongoing malicious cyber activity directed at the water sector and how the sector can protect itself from these attacks. The alert is a joint advisory resulting from analysis by CISA, the Federal Bureau of Investigation (FBI), EPA, and the national Security Agency (NSA).
The alert provides a summary of the types of cyber threats faced by utilities, including ransomware, and outdated operating and control systems. Examples of utilities that have experienced cyber intrusions are given, but the alert also notes that although attacks on all critical infrastructure sectors are increasing, the water sector has not been targeted at a greater level than other sectors.
The lists of suggested mitigation measures and resources may be useful for utilities to review. The alert is likely to highlight to Congress the ongoing cyber threats against the water sector and increase attention on the sector’s vulnerabilities. NACWA will continue to work with the other water sector associations to advocate for federal resources that can help utilities to harden their cyber defenses. NACWA members with questions or input on cybersecurity should contact Cynthia Finley, NACWA’s Director of Regulatory Affairs.