Tag Archive for: Water

How the Biden administration plans to protect your water systems from hackers

/in


By Sean Lyngaas, CNN

The Biden administration will help deliver cyber defense technologies and threat intelligence to US water utilities to try to bolster security for a sector that is often short of cash and personnel to deal with hacking threats, officials announced Thursday.

The “100-day” plan to increase cybersecurity resources for some of America’s 150,000 public water systems comes a year after a hacker breached a Florida water treatment facility and temporarily changed the plant’s chemical setting to a potentially dangerous level.

The incident at the Tampa-area facility did not cause any harm, but it spurred a heightened focus on the sector’s vulnerabilities among federal officials and the water industry.

“There is absolutely inadequate cyber resilience across the water sector” to criminal and state-sponsored hackers, a senior administration told reporters in previewing the announcement.

The water security initiative will first focus on defenses at the water systems that serve the most people and then expand to smaller facilities, officials said.

The Environmental Protection Agency and US Cybersecurity and Infrastructure Security Agency will invite water utilities to a pilot program to deploy more sophisticated defensive tools on their systems, officials said. Data from the pilot program — and input from water utilities already using such technology — will be the basis of training and guidance that federal officials provide the sector.

The initiative follows similar “100-day plans” that the Biden administration has done to boost cybersecurity in the electricity and natural gas sectors.

The water security initiative is voluntary. Whereas, in other cases, federal agencies can regulate pipelines and electric utilities, they have very limited authority to impose cybersecurity rules on water utilities.

The stakes are high.

“Cyberattacks represent an increasing threat to water systems and thereby the safety and security of our communities,” EPA Administrator Michael S. Regan said in a statement.

The water sector, like other critical infrastructure, has to contend with ransomware attacks and the potential for…

Source…

Hackers targeted US drinking water and wastewater facilities as recently as August, Homeland Security says

/in


WASHINGTON – The nation’s top civilian cybersecurity agency issued a warning Thursday about ongoing cyber threats to the U.S. drinking water supply, saying malicious hackers are targeting government water and wastewater treatment systems.

Authorities said they wanted to highlight ongoing malicious cyber activity “by both known and unknown actors” targeting the technology and information systems that provide clean, drinkable water and treat the billions of gallons of wastewater created in the U.S. every year.

The alert, which disclosed three previously unreported ransomware attacks on water treatment facilities, was issued by the Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA). It was the result of analytic efforts by DHS, the FBI, the Environmental Protection Agency and the National Security Agency.

One DHS cybersecurity official described it as the routine sharing of technical information between federal agencies and their industry partners “to help collectively reduce the risk to critical infrastructure in the United States.” Added a second Homeland Security official: “It’s not any indication of a new threat. We don’t want anyone to think that their drinking water supply is under attack.”

Both officials spoke on the condition of anonymity in order to elaborate on the agency’s public statements.

Despite their assurances, the advisory disclosed that in March 2019, a former employee at a Kansas-based water and waste water treatment facility unsuccessfully tried to threaten drinking water safety by logging in with his user credentials – which had not been revoked at the time of his resignation – to remotely access a facility computer.

In that case, a federal grand jury in Topeka, Kansas accused Wyatt Travnichek, 22, of tampering with the water treatment facilities for the sprawling, eight-county Post Rock Rural Water District.

The indictment, announced March 31, alleges that Travnichek’s job for the utility was to monitor the water plant remotely by logging into its computer system. Two months after he left his job with the water district in January 2019, it said, Travnichek logged in remotely with the intent of shutting shut down…

Source…

Hackers Keep Targeting the US Water Supply

/in


In light of all the Facebook news lately—although frankly, when isn’t there any—you may finally be thinking about jumping ship. If so, here’s how to delete your Facebook account. You’re welcome.

That’s not all that happened this week, though! Google shed some new light on the Iranian hacking group known as APT35, or Charming Kitten, and how they use Telegram bots to let them know when a phishing lure has a nibble. Speaking of Telegram, a new report shows just how poor a job the messaging service has done keeping extremism off the platform.

There was good news for Cloudflare this week, as a judge ruled that the internet infrastructure company isn’t liable when one of its customers infringe copyright designs on their websites. And there was bad news for humanity, as the governor of Missouri has threatened repeatedly to sue a journalist for responsibly disclosing a security flaw on a state website that he uncovered.

And there’s more! Each week we round up all the security news WIRED didn’t cover in depth. Click on the headlines to read the full stories, and stay safe out there.

In February, someone tried to poison a Florida city’s water supply by hacking into its control system and dramatically increasing the amount of sodium hydroxide. In 2020, a former employee at a Kansas water facility accessed and tampered with its controls remotely.  And that’s before you even get to the four ransomware attacks that intelligence officials documented this week, in a joint warning about the ongoing threats that hackers pose to US water and wastewater facilities. The alert notes that water treatment plants tend to invest in physical infrastructure rather than IT resources, and tend to use outdated versions of software, both of which leave them susceptible to attack. Disgruntled insiders have ample access to wreck havoc, and ransomware attackers always like a target that can’t afford to stay offline for any significant period of time. While this isn’t necessarily surprising—we sounded the same warning back in April—the joint FBI/CISA/NSA/EPA memo gives new detail into how many confirmed attacks have taken place in recent months, and it offers some guidance for critical infrastructure…

Source…

 Ransomware hackers targeted three US water facilities in 2021, according to cyber officials

/in


( Image : usatoday)

In the previous eight months, hackers have targeted three US water treatment facilities with ransomware, according to officials from the Cybersecurity and Infrastructure Security Agency (Cisa).

The alert, titled “Ongoing Cyber Threats to US Water and Wastewater Systems,” was issued as a result of analyses conducted in collaboration with the Federal Bureau of Investigation, the Environmental Protection Agency, and the National Security Agency, and was intended to “highlight ongoing malicious cyber activity — by both known and unknown actors — targeting the information technology… and operational technology… networks, systems, and devices of US Water and Wastewater… networks, systems, and devices,” according to Cisa.

“This activity — which includes attempts to compromise system integrity via unauthorized access — threatens the ability of WWS facilities to provide clean, potable water to, and effectively manage the wastewater of, their communities,” Cisa said.

Malicious actors have been using “spearphishing,” a technique that involves using forged emails to persuade facility personnel to click on malicious links or run malicious code, allowing hackers access to protected systems, as well as exploiting vulnerabilities in older computer operating systems that have not been patched with up-to-date security fixes, according to the bulletin.

The report’s most recent ransomware incident targeted a California-based water treatment plant in August 2021, and was detected after three systems began flashing ransomware threats.

A month prior, ransomware was used to attack a Maine water treatment facility, causing the facility’s machinery to be operated manually until the servers could be restored.

In March 2021, hackers targeted the servers of a Nevada water treatment facility, but were unable to acquire control of any treatment equipment due to the facility’s lack of automation.

The Cisa warning comes just days after Vice President Joe Biden hosted a multi-day summit with 30 countries to launch off a “counter-ransomware initiative.”

White House National Security Adviser Jake Sullivan said President Joe Biden has prioritized fighting…

Source…