Friday, November 15, 2024
HomeCyber AttackHackers Attacking Critical US Water Systems, White House Warns

Hackers Attacking Critical US Water Systems, White House Warns

Published on

In a stark warning issued by the White House, it has been revealed that cyberattacks are increasingly targeting water and wastewater systems across the United States.

These critical infrastructures are essential for providing clean and safe drinking water to communities, yet they are now at the forefront of a silent cyber war.

Cyber Threats from Iran and China

The letter from the White House, dated March 18, 2024, outlines two significant cyber threats that have been compromising the nation’s water systems.

- Advertisement - SIEM as a Service
Document

Free Webinar : Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.:

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

AcuRisQ, that helps you to quantify risk accurately:

The first threat comes from actors affiliated with the Iranian Government’s Islamic Revolutionary Guard Corps (IRGC), who have been exploiting weaknesses in operational technology.

Specifically, they have targeted water facilities that failed to change default manufacturer passwords.

The White House refers to the Cybersecurity and Infrastructure Security Agency’s (CISA) advisory for more details on these attacks.

The second threat is the People’s Republic of China (PRC) state-sponsored cyber group, Volt Typhoon.

This group has been infiltrating information technology systems of multiple critical infrastructures, including those of drinking water.

Unlike typical cyber espionage, Volt Typhoon’s activities suggest a pre-positioning strategy to disrupt essential operations in the event of geopolitical tensions or military conflicts.

The Vulnerability of Water Systems

The letter emphasizes the attractiveness of drinking water and wastewater systems as cyberattack targets.

Despite being a lifeline critical infrastructure sector, these systems often lack the necessary resources and technical capacity to implement robust cybersecurity measures.

The U.S. Environmental Protection Agency (EPA), as the lead Federal agency under Presidential Policy Directive 21, is tasked with ensuring the resilience of the nation’s water sector to all threats and hazards.

The White House is seeking the support of state governments to ensure that water systems within their jurisdictions conduct comprehensive assessments of their cybersecurity practices.

The goal is to identify vulnerabilities, implement controls to mitigate risks and develop robust incident response plans.

The letter points out that even basic cybersecurity precautions, such as changing default passwords and updating software, can significantly reduce the risk of a cyberattack.

Resources and Assistance

The EPA and CISA offer guidance, tools, training, resources, and technical assistance to help water systems enhance their cybersecurity.

Additionally, private sector associations like the American Water Works Association, the National Rural Water Association, and the Water Information Sharing and Analysis Center provide support.

State Homeland Security advisors are also highlighted as valuable resources connected to Federal cybersecurity efforts.

Upcoming Convening and Task Force

The White House plans to invite state Environmental, Health, and Homeland Security Secretaries to a meeting to discuss improvements needed to protect the water sector from cyber threats.

This convening will address current Federal and state efforts, identify priority gaps, and emphasize the urgency of immediate action.

Furthermore, the EPA will establish a Water Sector Cybersecurity Task Force in collaboration with the Water Sector and Water Government Coordinating Councils.

This task force will focus on identifying critical vulnerabilities, challenges in adopting best practices, and strategies to reduce the risk of cyberattacks on water systems nationwide.

The White House and EPA hope that the initiatives outlined in the letter and future collaborative efforts will fortify water systems against cyber threats.

The administration appreciates the gravity of the situation and calls for a concerted effort to safeguard mission-critical water utility operations.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Critical TP-Link DHCP Vulnerability Let Attackers Execute Arbitrary Code Remotely

A critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious...

Chinese SilkSpecter Hackers Attacking Black Friday Shoppers

SilkSpecter, a Chinese financially motivated threat actor, launched a sophisticated phishing campaign targeting e-commerce...

Cybercriminals Launch SEO Poisoning Attack to Lure Shoppers to Fake Online Stores

The research revealed how threat actors exploit SEO poisoning to redirect unsuspecting users to...

Black Basta Ransomware Leveraging Social Engineering For Malware Deployment

Black Basta, a prominent ransomware group, has rapidly gained notoriety since its emergence in...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Critical TP-Link DHCP Vulnerability Let Attackers Execute Arbitrary Code Remotely

A critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious...

Chinese SilkSpecter Hackers Attacking Black Friday Shoppers

SilkSpecter, a Chinese financially motivated threat actor, launched a sophisticated phishing campaign targeting e-commerce...

Cybercriminals Launch SEO Poisoning Attack to Lure Shoppers to Fake Online Stores

The research revealed how threat actors exploit SEO poisoning to redirect unsuspecting users to...