US Water and Wastewater Facilities Targeted in Cyberattacks, Feds Warn

CISA, FBI, and NSA issue advisory and defense practices to help these utilities thwart "ongoing" threats targeting IT and OT networks.

Dark Reading Staff, Dark Reading

October 14, 2021

1 Min Read
Dark Reading logo in a gray background | Dark Reading

The Cybersecurity and Infrastructure Security Agency (CISA), FBI, and National Security Agency (NSA) once again have teamed up in a cybersecurity advisory — this time regarding ongoing attack campaigns against US water and wastewater facilities.

Both known and unknown cyber-threat groups have been going after both IT and OT networks, systems, and equipment at these facilities, the agencies warned.

"This activity — which includes attempts to compromise system integrity via unauthorized access — threatens the ability of [water and wastewater systems] facilities to provide clean, potable water to, and effectively manage the wastewater of, their communities," the alert said.

The report includes more detailed mitigations and defenses and details on the modes of attack, and the agencies recommend water facilities immediately adopt practices of not opening suspicious links; secure and monitor RDP; and employ strong passwords and multifactor authentication. 

”Recent ransomware incidents and ongoing threats demonstrate why all critical infrastructure owners and operators should make cybersecurity a top priority. While vulnerabilities within the water sector are comparable to vulnerabilities observed across many other sectors, the criticality of water and wastewater infrastructure and recent intrusions impacting the sector reflect the need for continued focus and investment," said Eric Goldstein, executive assistant director for cybersecurity at CISA, in a statement.

"The battle against ransomware doesn't start the day a cyber incident occurs," he said. "It begins long before that with the proactive measures detailed in this joint advisory and at StopRansomware.gov that every owner and operator must take to address security gaps and protect the communities they serve.”

Read the advisory here.


About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights