Curated Content | Thought Leadership | Technology News

EPA Warns of Surging Cyber Risks for Water Facilities

70% of facilities failed inspection.
Ryan Uliss
Contributing Writer
Close up photo of advanced water treatment processes.

Cyberattacks on U.S. water utilities are becoming increasingly frequent and severe, prompting the Environmental Protection Agency (EPA) to issue an urgent enforcement alert. The agency reported that over 70% of inspected utilities have failed to meet standards designed to prevent cyber breaches, highlighting an urgent need for improved cybersecurity measures within this critical sector.

In response, the EPA is urging water systems to take immediate action to strengthen their cybersecurity defenses. Failures such as not changing default passwords and allowing former employees access to systems have been identified as significant vulnerabilities. The agency emphasized the importance of protecting information technology and process controls to prevent disruptions to water treatment, potential damage to infrastructure, and the alteration of chemical levels to hazardous amounts.

Why it matters: The safety and reliability of the nation’s drinking water supply are fundamental to public health and national security. Cyberattacks on water utilities threaten the availability and quality of drinking water but also highlight broader vulnerabilities in critical infrastructure that adversaries can exploit. Addressing these cybersecurity gaps is essential to ensuring the resilience of water systems against current and future threats.

  • Increasing Frequency and Severity of Attacks: Cyberattacks on water utilities are becoming more common and damaging, with recent incidents linked to groups affiliated with Russia, Iran, and China. These attacks have disrupted operations and could potentially harm public health by tampering with water treatment processes.
  • Impact on Smaller Communities: While large utilities often have more resources to defend against cyber threats, smaller water systems are particularly vulnerable. Recent attacks have targeted small towns, demonstrating that no community is immune.
  • EPA’s Enforcement and Support Measures: The EPA is stepping up enforcement actions and providing guidance to help water utilities improve their cybersecurity. This includes training for utilities that lack the necessary expertise and urging states to develop comprehensive cybersecurity plans for water systems.

Go Deeper -> US says Cyberattacks Against Water Supplies are Rising, and Utilities Need to do More to Stop Them – Yahoo Finance

EPA Urges Water Utilities to Protect Nation’s Drinking Water Amid Heightened Cyberattacks – USA Today

You have free article(s) left this month courtesy of CIO Partners.

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Would You Like To Save Articles?

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Save My Spot For TNCR LIVE!

Thursday April 18th

9 AM Pacific / 11 PM Central / 12 PM Eastern

Register for Unlimited Access

Already a member?

Digital Monthly

$12.00/ month

Billed Monthly

Digital Annual

$10.00/ month

Billed Annually

The St. Louis-based credit union is adding a key member to its IT organization.

Would You Like To Save Books?

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Log In To Access Premium Features

Sign Up For A Free Account

Please enable JavaScript in your browser to complete this form.