The government is alarmed by the prospect of a strike on the country's critical infrastructure.
The Biden administration has warned of the risk of cyber attacks on water systems, pointing to ongoing threats from hackers linked to the governments of Iran and China.
In a letter to the governors that was published on March 19, Environmental Protection Agency Administrator Michael Regan and National Security Adviser Jake Sullivan expressed concern that targeted cyberattacks could disrupt the vital function of providing the public with clean and safe drinking water, as well as cause significant financial damage to communities affected by the shutdown.
Hackers affiliated with Iran's Islamic Revolutionary Guard Corps recently attacked U.S. drinking water systems, while the Chinese-sponsored Volt Typhoon group compromised information technology for drinking water supplies and other critical infrastructure systems.
The letter states that federal departments and agencies view the actions of Volt Typhoon actors with a high degree of confidence as preparation for possible disruption of critical infrastructure operations in the event of geopolitical tensions and / or military conflicts.
The US water supply system is a particularly vulnerable part of the country's infrastructure due to weak control mechanisms, insufficient funding, and a lack of personnel. The Environmental Protection Agency is the leading federal agency responsible for ensuring that the nation's water sector is resilient to all threats and hazards, including cyberattacks.
In late November, an Iranian-backed hacker group attacked Israeli-made digital control systems that are widely used in the US water and wastewater industries. The attack affected several organizations in various states. While these incidents did not affect water supplies, they highlighted the difficulty of dialogue between the federal Government and municipal water supply associations on how best to protect water resources.
The letter emphasizes that drinking water and sanitation systems are an attractive target for cyber attacks, since they represent critical infrastructure, but often do not have the necessary resources for protection or the technical competence to implement strict cybersecurity practices.
The document also points out that in many cases, even basic security measures, such as changing standard passwords or updating software to address known vulnerabilities, are not implemented, which can be a decisive factor between the usual course of affairs and a devastating cyber attack.
The authors of the letter invite state officials to a meeting on March 21 to discuss this threat and develop defense strategies. This demonstrates the seriousness of the Federal Government's commitment to preventing potential threats to water security and underscores the importance of joint efforts at all levels of government to ensure the protection of vital infrastructure.
Thus, the situation with cybersecurity in the US water supply sector is under special control at the highest level. Authorities are calling for vigilance and increased security measures to counter possible threats from foreign state and non-state actors seeking to disrupt critical infrastructure.
The Biden administration has warned of the risk of cyber attacks on water systems, pointing to ongoing threats from hackers linked to the governments of Iran and China.
In a letter to the governors that was published on March 19, Environmental Protection Agency Administrator Michael Regan and National Security Adviser Jake Sullivan expressed concern that targeted cyberattacks could disrupt the vital function of providing the public with clean and safe drinking water, as well as cause significant financial damage to communities affected by the shutdown.
Hackers affiliated with Iran's Islamic Revolutionary Guard Corps recently attacked U.S. drinking water systems, while the Chinese-sponsored Volt Typhoon group compromised information technology for drinking water supplies and other critical infrastructure systems.
The letter states that federal departments and agencies view the actions of Volt Typhoon actors with a high degree of confidence as preparation for possible disruption of critical infrastructure operations in the event of geopolitical tensions and / or military conflicts.
The US water supply system is a particularly vulnerable part of the country's infrastructure due to weak control mechanisms, insufficient funding, and a lack of personnel. The Environmental Protection Agency is the leading federal agency responsible for ensuring that the nation's water sector is resilient to all threats and hazards, including cyberattacks.
In late November, an Iranian-backed hacker group attacked Israeli-made digital control systems that are widely used in the US water and wastewater industries. The attack affected several organizations in various states. While these incidents did not affect water supplies, they highlighted the difficulty of dialogue between the federal Government and municipal water supply associations on how best to protect water resources.
The letter emphasizes that drinking water and sanitation systems are an attractive target for cyber attacks, since they represent critical infrastructure, but often do not have the necessary resources for protection or the technical competence to implement strict cybersecurity practices.
The document also points out that in many cases, even basic security measures, such as changing standard passwords or updating software to address known vulnerabilities, are not implemented, which can be a decisive factor between the usual course of affairs and a devastating cyber attack.
The authors of the letter invite state officials to a meeting on March 21 to discuss this threat and develop defense strategies. This demonstrates the seriousness of the Federal Government's commitment to preventing potential threats to water security and underscores the importance of joint efforts at all levels of government to ensure the protection of vital infrastructure.
Thus, the situation with cybersecurity in the US water supply sector is under special control at the highest level. Authorities are calling for vigilance and increased security measures to counter possible threats from foreign state and non-state actors seeking to disrupt critical infrastructure.
