US Agencies Issue Cybersecurity Guide in Response to Cybercriminals Targeting Water Systems – tripwire.com

US federal agencies have teamed up to release a cybersecurity best practice guidance for the water and wastewater sector (WWS).
The Cybersecurity and Infrastructure Security Agency (CISA), United States Environmental Protection Agency (EPA), and Federal Bureau of Investigation (FBI) have published the guide in an attempt to promote cybersecurity resilience and improve incident response in the WWS sector.
The guide’s publication comes less than two weeks after a report from the Office of the Inspector General (OIG) called on CISA to enhance the cybersecurity resiliency of the water and wastewater sector by improving external collaboration and its own internal co-ordination.
Water and wastewater systems, just like other essential elements of critical infrastructure, can fall prey to cyber attack – in part because they are deemed “target-rich, cyber-poor.”
For instance, in February 2021 a malicious hacker is alleged to have gained access to a Florida water treatment plant’s computer systems and poisoned the water supply.
The previous month, a  malicious hacker allegedly attempted to similarly poison water at a plant in the San Francisco Bay area.
And, in March 2021, an ex-worker at Kanas’s public water systems was charged with accessing computer systems without authorisation, in an apparent attempt to tamper with the supply of drinking water.
Meanwhile, more recently, there have been a series of ransomware attacks against the WWS sector, as well as what may well be nation-state activity with the pro-Iran Cyber Av3ngers group believed to be behind a series of attacks against multiple water utilities across the United States.
The guidance issued by the FBI, CISA, and EPA focuses on the four stages of incident response:
“The Water and Wastewater Systems sector is under constant threat from malicious cyber actors,” said CISA Executive Assistant Director for Cybersecurity, Eric Goldstein. “This timely and actionable guidance reflects an outstanding partnership between industry, nonprofit, and government partners that came together with EPA, FBI, and CISA to support this essential sector. We encourage every WWS entity to review this joint guide and implement its recommended actions.”
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of Tripwire.

source

Related Posts

After 6 months and little explanation, Norton Healthcare patients, employees still feeling effects of cyber attack – WDRB

Spotty shower possible. Storms after midnight Updated: April 16, 2024 @ 12:31 pmNorton Healthcare, a company serving about 600,000 patients a year with nearly $5 billion in assets, continues to…

Read more

CA's top cybersecurity job has been vacant for almost 2 years – CalMatters

Technology Californians get hacked all the time. The state’s top cybersecurity job is vacant In summaryGov. Newsom has yet to appoint a commander who is tasked with informing businesses and…

Read more

13 Cyber Security Measures Your Small Business Must Take – Tech.co

Our content is funded in part by commercial partnerships, at no extra cost to you and without impact to our editorial impartiality. Click to Learn MoreCybersecurity has been important to…

Read more

AVG Antivirus Free review – Ghacks

AVG AntiVirus Free is a longstanding security program for Microsoft Windows that protects computer systems from viruses, trojans and other malicious code.One interesting fact about AVG is that it maintains…

Read more

Vlog Episode #247: Chris Long on Improving Technical SEO Skills & Playing Offense SEO – Search Engine Roundtable

In part one, we learned about Chris Long and his experience working with Bill Slawski. Then, in part two, we spoke about helping people with SEO on LinkedIn and using…

Read more

Information Security Vs. Cybersecurity: What's The Difference? – Forbes

Information Security Vs. Cybersecurity: What’s The Difference?  Forbessource

Read more

Leave a Reply

Your email address will not be published. Required fields are marked *