A joint cybersecurity advisory (CSA) from the Cybersecurity & Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Environmental Protection Agency (EPA), and the National Security Agency (NSA) has detailed an ongoing cyber threat to the U.S. Water and Wastewater Systems Sector.
The activity, which includes cyber intrusions leading to ransomware attacks, threatens the ability of water and wastewater facilities to provide clean, potable water to their communities and to manage their communities’ wastewater. The CSA also provides extensive resources and mitigation recommendations that will help water and wastewater system facilities strengthen their operational resilience and cybersecurity practices.
According to the advisory, the risks range from theft of sensitive data to disabling network components, disrupting operations, and more. The risks can have cascading fallout, the advisory said, impacting critical services like hospitals, firefighters, and food production, as well as dependent and interdependent critical infrastructure sectors like the energy sector and food or chemical producers.
The advisory recommended that water and wastewater system facilities implement cyber hygiene and best practices within their information technology (IT) networks, ensure that their operational technology (OT) systems controlling valves and pumps are monitored and adequately protected through patching and network mapping, and properly segment IT/OT systems so that no part of the OT system is directly connected to the internet.
The report also included two infographics on Cyber Risks and Resources for the Supply Water and Manage Wastewater National Critical Functions to provide system managers as well as state, local, tribal and territorial partners with an overview of the risks they face and the resources available to enhance cybersecurity.