US Government Advises Strategic Security Enhancements for American Water Utilities


In an important move, CISA, the FBI, and the EPA have joined forces to issue a set of cybersecurity guidelines aimed at bolstering the defenses of water utilities across the nation. This collaboration is pivotal in equipping these essential services with the knowledge and tools needed to fend off cyber threats.

Essential Defense Strategies for Water Utilities

These agencies published a fact sheet yesterday, presenting a comprehensive list of eight pivotal actions that organizations within the U.S. Water and Wastewater Systems (WWS) sector can undertake to mitigate cyber threats and enhance their operational resilience. 

This guidance not only highlights key protective measures but also outlines an array of free services, resources, and tools available to support these cybersecurity endeavors. The joint statement from CISA, EPA, and FBI emphasizes the importance of the WWS sector and other critical infrastructure bodies in reviewing and adopting the recommended practices outlined in the fact sheet. 

“CISA, EPA, and FBI urge all WWS Sector and critical infrastructure organizations to review the fact sheet and implement the actions to improve resilience to cyber threat activity,” they said.

For entities seeking further assistance in implementing these crucial measures, the statement advises reaching out to the EPA and/or regional CISA cybersecurity advisors for specialized support.

Key Recommendations for Enhanced Cybersecurity

Among the advised strategies, water utilities are encouraged to limit the public internet exposure of critical assets, including operational technology (OT) devices like controllers and remote terminal units. Conducting thorough cybersecurity assessments on a regular basis is also highlighted as a vital step in identifying and addressing vulnerabilities within both OT and IT frameworks.

The agencies stress the importance of immediate action to replace all default or weak passwords with more secure alternatives and to adopt multifactor authentication (MFA) wherever feasible. 

Creating comprehensive inventories of OT/IT assets is recommended to gain a clear understanding of potential attack surfaces, coupled with routine backups of these systems to facilitate swift recovery in the aftermath of a security breach.

To further safeguard against cyber threats, the guidance suggests timely patching or mitigation of known vulnerabilities, the development and regular testing of cyber incident response and recovery plans, and the annual training of staff to enhance cybersecurity awareness and preparedness.

Global Concerns Over Water Infrastructure Security

These recommendations come after the recent barrage of cyberattacks targeting water facilities worldwide, jeopardizing the security of critical infrastructure and public safety.

High-profile incidents, including ransomware attacks on major water treatment companies like Veolia North America and Southern Water in the U.K., have necessitated a robust response to protect these vital resources.

In light of these challenges, CISA, the FBI, and the EPA have previously issued an incident response guide to aid defenders in securing water utilities. Moreover, initiatives such as CISA’s free security scan program have been launched to assist critical infrastructure facilities in identifying and rectifying security vulnerabilities.

Notably, a cybersecurity alert was issued by CISA following an incident where hackers gained access to a Pennsylvania water facility by exploiting vulnerabilities in Unitronics programmable logic controllers (PLCs). Despite the breach, the agencies assured that the safety of the potable water supply for local communities remained intact.

Final Word

This series of cyber intrusions, involving Ghost, ZuCaNo, and Makop ransomware strains, highlights the need for continuous vigilance and adaptive cybersecurity strategies within the U.S. WWS Sector to protect against evolving threats.


Anas Hasan


February 22, 2024



Anas Hassan is a tech geek and cybersecurity enthusiast. He has vast experience in the digital transformation industry. When Anas isn’t blogging, he watches football games.
