- Best Prime Day deals under $100 to shop in October 2024
- One of the most reliable power banks I've tested is not made by Anker or Baseus
- EcoFlow portable power stations are over 50% off with these early Prime Day deals
- It’s Time to Sound the Alarm on SMB Cyber Threats
- Amazon Prime Day deals live: We found 150+ of the best deals ahead of October's Big Deal Days
US Government Warns of Insider and Ransomware Threat to Water Plants
The US authorities have issued an alert warning of ongoing malicious cyber-activity targeting the country’s water and wastewater systems (WWS) sector.
The alert highlighted multiple tactics, techniques and procedures (TTPs) being used by a range of actors in an attempt to compromise IT and OT systems.
These include spear-phishing, exploitation of insecure RDP, targeting of unsupported or outdated operating systems and software, and exploitation of control system devices with vulnerable firmware.
The alert was issued by the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), the Environmental Protection Agency (EPA), and the National Security Agency (NSA).
It refers to multiple incidents over the past two years – mainly ransomware attacks, including a September 2020 attack on a New Jersey-based WWS facility, a March 2021 compromise at a Nevadan plant, and an August 2021 attack on a Californian WWS site.
Also mentioned is a notorious 2019 incident in which a former employee at a Kansas plant was able to access and shut down some of the key processes used to disinfect water with the intention of causing harm.
History repeated itself two years later when an actor gained unauthorized access to the IT network of a facility in Oldsmar, Florida, and tried to change the water supply’s chemical balance. It was subsequently revealed that it had left a critical SCADA system hooked up to a remote access tool, for which the password was never changed. The same credential was also reused across the facility.
However, the agencies were at pains to point out that the alert does not mean the WWS sector is being targeted more than other industries – merely that plant owners should be aware of ongoing cyber-risk to their operations.
“This activity – which includes attempts to compromise system integrity via unauthorized access – threatens the ability of WWS facilities to provide clean, potable water to, and effectively manage the wastewater of, their communities,” it noted.