Tag Archive for: utilities.

CISA announces free security scans for public water utilities


The U.S. Cybersecurity and Infrastructure Security Agency is offering free security scans for critical infrastructure facilities, such as water utilities, to help protect them from cyberattacks.

The midweek announcement comes as water treatment facilities across the country have suffered from rising security threats over the past two years, including a recent attempt to compromise the safety and protection systems of the water treatment facility in Discovery Bay, California, by a former employee of one of the plant’s vendors.

In 2021, CISA and other agencies, including the FBI, Environmental Protection Agency and National Security Agency, issued a joint advisory report documenting the ongoing cybersecurity vulnerabilities in water systems nationwide, which “threaten their ability to provide potable water and effectively manage their wastewater.”

Drinking water and wastewater systems often offer public-facing applications that can be vulnerable to attack, potentially disrupting or halting operations.

CISA agents run specialized scanners to identify a facility’s vulnerabilities and weak configurations in internet-exposed endpoints, commonly used for initial access by threat actors and some ransomware groups.

Depending on the severity of flaws and vulnerabilities found, reports are generated within one to six days. The federal agency sends weekly reports with recommendations, while further scans determine if the water utilities have taken the steps to solve previously disclosed issues.

CISA’s new no-cost scanning program was co-developed with the EPA, the Water Sector Coordinating Council and the Association of State Drinking Water Administrators. CISA encouraged all drinking water and wastewater system operators to enroll in the service.

In the announcement, CISA said it aims to significantly reduce identified vulnerabilities in the first few months of security scans.


China-Backed Hackers Threaten Texas Military Sites, Utilities


(TNS) — A Chinese government-backed hacker group’s apparent plan to upend utilities and communication systems that power U.S. military bases poses a major threat to Joint Base San Antonio — and potentially to the region’s water and electricity customers.

U.S. officials say the group, called Volt Typhoon, has inserted malware — computer code intended to damage or disrupt networks or to covertly collect information — deep in the systems of numerous water and electric utilities that serve military installations in the United States and abroad.

The aim could be to delay a U.S. military response if China’s People’s Liberation Army invades Taiwan. President Joe Biden has said the U.S. military would intervene if China invaded the island nation.


“I would be most concerned about U.S. assets in the Pacific Rim — in South Korea and Japan,” said John Dickson, a San Antonio-based cybersecurity consultant and former Air Force intelligence officer. “But we are Military City, USA, and a sophisticated reader doesn’t have to do too much to connect the dots.”

San Antonio is flush with military personnel and missions. It’s home to Fort Sam Houston, the largest military medical training installation in the U.S., as well as to JBSA-Randolph and JBSA-Lackland Air Force bases.

Lackland trains the service’s incoming airmen and conducts cyber warfare and intelligence-gathering operations at its Security Hill facility.

The National Security Agency’s Texas Cryptologic Center occupies a sprawling campus on San Antonio’s West Side. The center conducts worldwide signals intelligence and cybersecurity operations. Signals intelligence involves collecting, decoding and interpreting electronic communications.

It’s unclear if the networks of the San Antonio Water System or CPS Energy, both owned by the city of San Antonio, are infected with Volt Typhoon’s malware.

CPS, the largest municipally owned utility in the U.S., has 930,000 electric and 381,000 gas customers. SAWS serves 511,000 water and 456,000 wastewater customers. The two utilities’ service areas encompass Bexar County and small swaths of neighboring counties.

“We will continue to…


Living Off the Land: How to Defend Against Malicious Use of Legitimate Utilities – Threatpost


National Guard is preparing for a major cyber attack that would bring down utilities across the US


The National Guard has been preparing for a major cyber attack that would bring down utilities across the US, after the hack of the Colonial Pipeline brought the nation’s fuel supply to its knees.

Troops from across the New England region practiced tackling a massive simulated breach across critical infrastructure sectors including power, water and gas during a two-week training exercise this month.

The exercise involved a situation where a huge cyber attack targeted utilities on the West Coast before moving east across the country. 

Much like in a real-life scenario, National Guardsmen worked alongside government agencies – including the FBI, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the Federal Energy Regulatory Commission, and US Cyber Command – as well as private sector utility partners to respond to the crisis.

While the crisis was a simulation this time round, such an attack is looking increasingly possible.  

A series of recent, devastating attacks have sent warning signs about the risk cybersecurity breaches can bring to national infrastructure. 

When the Colonial Pipeline was targeted by hackers in May, it was forced to shut its entire network carrying 45 percent of all fuel to the East Coast, sparking a national fuel crisis that sent gas prices soaring.

Weeks later, the food supply chain was dealt a blow when hackers forced the four-day closure of plants belonging to America’s largest beef supplier, JBS.

The National Guard has been preparing for a major cyber attack that would bring down utilities across the US, after the hack of the Colonial Pipeline brought the nation’s fuel supply to its knees. Pictured: the two-week training exercise

Troops from across the New England region practiced tackling a massive simulated breach across critical infrastructure sectors including power, water and gas during the Cyber Yankee Event (above)

The Cyber Yankee event, which has been held for the last seven years and was carried out at Camp Edwards, Cape Cod, tested the ability of the National Guard cyber units to respond to a real-life cyberattack and trained them to collaborate with government and industry partners.
