WaterOperator.org’s Post

"About 70% of utilities inspected by federal officials over the last year violated standards meant to prevent breaches or other intrusions. Officials urged even small water systems to improve protections against hacks. In many cases, systems are not doing what they are supposed to be doing, which is to have completed a risk assessment of their vulnerabilities that includes cybersecurity and to make sure that plan is available and informing the way they do business," said EPA Deputy Administrator Janet McCabe. From a macro and micro standpoint this is really interesting. However it's not surprising given how so much of OT is built off legacy systems. We constantly see that attackers can use these initial entry points on the OT side to move into devices on the IT side. This is why Darktrace heavily emphasizes a central point of protection that can cover both areas.

American Water, the largest water utility in the U.S., is targeted by a cyberattack. America's critical infrastructure must be protected from these attacks. This requires vigilance and collaboration across both the public and private sectors. The status of the security programs and the specific security controls for these organizations should not be a mystery. Unfortunately, too many of these organizations have underfunded and under-resourced security programs.

World War 3 has been raging in the #cybersecurity world for decades. The most recent skermish reports the National Security Agency includes attacks on the US telecommunications infrastructure and utilities (Verizon, AT&T, Lumen Technologies and American Water). The last one got so paraniod that they shut down all traffic to their site from outside of the US Things are likely to get worse as state backed actors continue to target infrastrucure services in all possible ways. Do your part and be as secure as you can, it doesn't matter which company you work for or what role you have. You may be the weakest link that attackers can use to compromise your work. Stay vigilant More details: VZW, ATT, Lumen: https://lnkd.in/ecXKGb6D Awater: https://lnkd.in/ecrGPhc7

Urgent Cybersecurity Update: Breach at Indiana Wastewater Plant A significant cybersecurity incident occurred at a wastewater treatment facility in Indiana, USA, in late April 2024. According to investigators, a Russian APT group was behind this attack, part of a broader campaign targeting U.S. critical infrastructure. The attackers gained unauthorized access to the Human Management Interface (HMI) system, altering operational settings that could have allowed for the manipulation of critical processes. The consequences of the attack were severe. Immediate shutdown of operations and potential for untreated wastewater release led to local water body contamination, affecting community health and wildlife. The financial and community impact of the incident was significant due to emergency responses and heightened security measures. The affected systems were isolated, and operations were halted to prevent further damage. A leading cybersecurity firm was engaged to conduct a full audit and security overhaul. Enhanced access controls and security training for staff have been implemented. This incident highlights the critical need for continuous improvement in our cybersecurity defenses, especially for infrastructure vital to public safety. The sophistication of the attack underscores the importance of preparing for and mitigating potential vulnerabilities exploited by APT groups. For more information and updates, please follow the ongoing developments. Stay informed and stay secure. #Cybersecurity #InfrastructureSecurity #PublicSafety #APT #IncidentResponse

Recent assessments paint a concerning picture: nearly 70% of inspected water utilities are falling short of cybersecurity standards, leaving them exposed to severe cyberattacks. These attacks, often orchestrated by sophisticated groups with ties to Russia, Iran, and China, present a tangible threat to the safety and accessibility of our drinking water.   The potential consequences are dire: disruptions in water treatment and storage, equipment damage, and even manipulation of chemical levels threaten the availability of safe drinking water. This serves as a critical wake-up call for us all. #Cybersecurity #CriticalInfrastructure #CommunitySafety #PublicHealth #CyberThreats #DrinkingWater #SecurityAlert #StayInformed #ProtectOurWater #InfrastructureSecurity #GlobalSecurity #CyberDefense https://lnkd.in/dKBG7J78

Explore the recent surge in cyberattacks targeting U.S. water systems, the potential dangers to public health and safety, and what's being done to prevent future incidents. Discover how hackers could be threatening your tap water, and learn how cybersecurity measures are being ramped up to protect vital infrastructure. Don't forget to subscribe to Oppos for more crucial updates and expert insights. https://smpl.is/9eazn

Have you checked out the latest edition of The Authority (October 2024)? Celebrating Cybersecurity Awareness Month - articles feature tips to recognize potential cyber risks in management and operations and learn proven practices authorities can implement to enhance their systems’ resilience. 

#Cyberattacks on water systems are increasing, #EPA warns, urging #utilities to take immediate action. #Cybersecurity #Cyberattack #Cybercrime Read the article via CBS News.

In a recent interview with Bob Crossen from Wastewater Digest, Jay Smilyk, Global VP of Sales at NanoLock, shares practical steps every wastewater plant manager and owner can take to mitigate internal and external cyber risks. Watch the full interview to discover how you can start protecting your infrastructure today! 🔗 https://lnkd.in/dr9_dk4e #Cybersecurity #WastewaterManagement #NanoLockSecurity #RiskMitigation #InfrastructureProtection

American Water Was Hit by Cyberattack and Paused Billing Systems American Water, the largest water utility in the U.S., recently suffered a cyberattack, prompting the company to pause its billing systems. The New Jersey-based firm, which serves over 14 million people across 14 states, discovered unauthorized activity and took immediate steps to protect its systems. While the company reports that its operations and facilities remain unaffected, an investigation is underway with law enforcement's assistance. During this time, customers won't face late charges as the company works to resolve the issue. This incident highlights the growing cybersecurity threats facing critical infrastructure providers. CNN article ➡️ https://lnkd.in/gTcVpi2e #Cybersecurity #WaterUtility #ITsecurity #Cyberattack #Infrastructure #AmericanWater