Friday, May 24, 2024

Hackers Attacking Critical US Water Systems, White House Warns

In a stark warning issued by the White House, it has been revealed that cyberattacks are increasingly targeting water and wastewater systems across the United States.

These critical infrastructures are essential for providing clean and safe drinking water to communities, yet they are now at the forefront of a silent cyber war.

Cyber Threats from Iran and China

The letter from the White House, dated March 18, 2024, outlines two significant cyber threats that have been compromising the nation’s water systems.


Free Webinar : Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.:

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

AcuRisQ, that helps you to quantify risk accurately:

The first threat comes from actors affiliated with the Iranian Government’s Islamic Revolutionary Guard Corps (IRGC), who have been exploiting weaknesses in operational technology.

Specifically, they have targeted water facilities that failed to change default manufacturer passwords.

The White House refers to the Cybersecurity and Infrastructure Security Agency’s (CISA) advisory for more details on these attacks.

The second threat is the People’s Republic of China (PRC) state-sponsored cyber group, Volt Typhoon.

This group has been infiltrating information technology systems of multiple critical infrastructures, including those of drinking water.

Unlike typical cyber espionage, Volt Typhoon’s activities suggest a pre-positioning strategy to disrupt essential operations in the event of geopolitical tensions or military conflicts.

The Vulnerability of Water Systems

The letter emphasizes the attractiveness of drinking water and wastewater systems as cyberattack targets.

Despite being a lifeline critical infrastructure sector, these systems often lack the necessary resources and technical capacity to implement robust cybersecurity measures.

The U.S. Environmental Protection Agency (EPA), as the lead Federal agency under Presidential Policy Directive 21, is tasked with ensuring the resilience of the nation’s water sector to all threats and hazards.

The White House is seeking the support of state governments to ensure that water systems within their jurisdictions conduct comprehensive assessments of their cybersecurity practices.

The goal is to identify vulnerabilities, implement controls to mitigate risks and develop robust incident response plans.

The letter points out that even basic cybersecurity precautions, such as changing default passwords and updating software, can significantly reduce the risk of a cyberattack.

Resources and Assistance

The EPA and CISA offer guidance, tools, training, resources, and technical assistance to help water systems enhance their cybersecurity.

Additionally, private sector associations like the American Water Works Association, the National Rural Water Association, and the Water Information Sharing and Analysis Center provide support.

State Homeland Security advisors are also highlighted as valuable resources connected to Federal cybersecurity efforts.

Upcoming Convening and Task Force

The White House plans to invite state Environmental, Health, and Homeland Security Secretaries to a meeting to discuss improvements needed to protect the water sector from cyber threats.

This convening will address current Federal and state efforts, identify priority gaps, and emphasize the urgency of immediate action.

Furthermore, the EPA will establish a Water Sector Cybersecurity Task Force in collaboration with the Water Sector and Water Government Coordinating Councils.

This task force will focus on identifying critical vulnerabilities, challenges in adopting best practices, and strategies to reduce the risk of cyberattacks on water systems nationwide.

The White House and EPA hope that the initiatives outlined in the letter and future collaborative efforts will fortify water systems against cyber threats.

The administration appreciates the gravity of the situation and calls for a concerted effort to safeguard mission-critical water utility operations.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.


Latest articles

Hackers Weaponizing Microsoft Access Documents To Execute Malicious Program

In multiple aggressive phishing attempts, the financially motivated organization UAC-0006 heavily targeted Ukraine, utilizing...

Microsoft Warns Of Storm-0539’s Aggressive Gift Card Theft

Gift cards are attractive to hackers since they provide quick monetization for stolen data...

Kinsing Malware Attacking Apache Tomcat Server With Vulnerabilities

The scalability and flexibility of cloud platforms recently boosted the emerging trend of cryptomining...

NSA Releases Guidance On Zero Trust Maturity To Secure Application From Attackers

Zero Trust Maturity measures the extent to which an organization has adopted and implemented...

Chinese Hackers Stay Hidden On Military And Government Networks For Six Years

Hackers target military and government networks for varied reasons, primarily related to spying, which...

DNSBomb : A New DoS Attack That Exploits DNS Queries

A new practical and powerful Denial of service attack has been discovered that exploits...

Malicious PyPI & NPM Packages Attacking MacOS Users

Cybersecurity researchers have identified a series of malicious software packages targeting MacOS users.These...
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles