Pro-Russia hackers have recently been exploiting shoddy security practices at multiple US water plants in cyberattacks that have affected a wider range of victims than previously documented. While these attacks have not impacted drinking water, they highlight the cybersecurity challenges facing water systems across the US that are often lacking in resources to deal with threats. This has prompted a plea from US national security adviser Jake Sullivan for water authorities to strengthen their defenses.
Investigations have revealed that the hacked facilities had outdated equipment connected to the internet with weak passwords, making it easy for hackers to breach sensitive networks that handle water treatment and other industrial operations. The Cybersecurity and Infrastructure Security Agency, FBI, and other agencies are set to release a public advisory addressing these threats, particularly from Russian-speaking hackers who have been targeting US industrial plants using rudimentary attack techniques.
US officials have been privately advising critical infrastructure firms to remove industrial equipment from the internet to prevent exploitation by hackers. The recent cyberattacks on US water and wastewater facilities have resulted in limited physical disruptions, with hackers manipulating settings, alarms, and passwords. The affected facilities quickly cut off public internet access to their industrial computers and restored normal operations.
Russian-speaking hackers have claimed responsibility for these attacks, which began in January and have continued in recent weeks. Some of the hacks have targeted US facilities, while others have affected a French dam and a Polish water facility. While it is unclear whether the hackers are government-affiliated or cybercriminals, US officials see these incidents as part of Russia’s history of harboring hackers who target US critical infrastructure.
In addition to alleged Russian hacks, there have been opportunistic cyberattacks on US water facilities, including a breach in November that was blamed on the Iranian government. None of these cyberattacks have impacted drinking water, but they have raised concerns about the vulnerability of the sector and the need for increased resources to defend against future attacks. Some lawmakers have called for more federal funding to help water plants and the EPA defend against cyber threats.
The heightened public attention on cybersecurity threats to US water facilities has led to improvements, with the Water Information Sharing and Analysis Center seeing an increase in membership from facilities across the country. Water sector experts emphasize the importance of investing in cybersecurity defenses to prevent costly cyberattacks that could damage public confidence. Water utilities affected by recent cyberattacks are taking steps to strengthen their defenses and assess vulnerabilities with the help of federal agencies.
