EPA finding no improvement in water systems' cyber hygiene.
The U.S. Environmental Protection Agency has said that cyber attacks targeting water utilities across the country have increased in frequency and severity.
In an enforcement alert, EPA urged community water systems to take immediate steps to reduce cybersecurity vulnerabilities and protect the nation's public drinking water supplies. It identified "alarming" cybersecurity vulnerabilities in some water systems, such as default passwords being used, and single logins for all staff, reports USA Today.
EPA said that many of its requirements to protect water systems are "basic cyber hygiene practices," the agency said potential cyber attacks can cause significant impacts on both water utilities and consumers.
Last November, an Iranian-linked cyber group, Cyber Av3ngers, hacked into water authority infrastructure in Aliquippa, Pennsylvania. The group took partial control of a system that regulates water pressure — and one that includes technology manufactured in Israel.
In March, EPA Administrator Michael Regan and National Security Advisor Jake Sullivan sent a letter to all 50 U.S. governors asking states to develop a plan to secure water systems against cyber threats.
Dan Raywood is a seasoned B2B journalist with over 20 years of experience, specializing in cybersecurity for the past 15 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes. Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
Dan Raywood is a seasoned B2B journalist with over 20 years of experience, specializing in cybersecurity for the past 15 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes. Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
Streamlining the lifecycle of joiners, movers, and leavers using no-code automation
An error occurred trying to play the stream. Please reload the page and try again.
CloseRegistering with SC Media is 100% free. Join tens of thousands of cybersecurity leaders today and gain access to the latest analysis shaping the global infosec agenda.
