Water Systems Cyberattacks

The U.S. Environmental Protection Agency (EPA) said it's forming a new "Water Sector Cybersecurity Task Force" to devise methods to counter the threats faced by the water sector in the country.

"In addition to considering the prevalent vulnerabilities of water systems to cyberattacks and the challenges experienced by some systems in adopting best practices, this Task Force in its deliberations would seek to build upon existing collaborative products," the EPA said.

In a letter sent to all U.S. Governors, EPA Administrator Michael Regan and National Security Advisor Jake Sullivan highlighted the need to secure water and wastewater systems (WWS) from cyber attacks that could disrupt access to clean and safe drinking water.


At least two threat actors have been linked to intrusions targeting the nation's water systems, including those by an Iranian hacktivist group named Cyber Av3ngers as well as the China-linked Volt Typhoon, which has targeted communications, energy, transportation, and water and wastewater systems sectors in the U.S. and Guam for at least five years.

"Drinking water and wastewater systems are an attractive target for cyberattacks because they are a lifeline critical infrastructure sector but often lack the resources and technical capacity to adopt rigorous cybersecurity practices," Regan and Sullivan said.

The development coincides with the release of a new fact sheet from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), urging critical infrastructure entities to defend against the "urgent risk posed by Volt Typhoon" by implementing secure by-design principles, robust logging, safeguarding the supply chain, and increasing awareness of social engineering tactics.

"Volt Typhoon have been pre-positioning themselves on U.S. critical infrastructure organizations' networks to enable disruption or destruction of critical services in the event of increased geopolitical tensions and/or military conflict with the United States and its allies," the agency cautioned.

Cybersecurity firm SentinelOne, in a report published last month, revealed how China has launched an offensive media strategy to propagate "unsubstantiated" narratives around U.S. hacking operations for over two years.

"Repeating China's allegations helps the [People's Republic of China] shape global public opinion of the U.S. China wants to see the world recognize the U.S. as the 'empire of hacking,'" Sentinel One's China-focused consultant Dakota Cary said.

"The fact that China is lodging allegations of US espionage operations is still notable, providing insight into the relationship between the US and China, even if China does not support its claims."

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.