Agencies Warn of Ongoing Cyber Threats to Water Treatment Facilities


The Cybersecurity and Infrastructure Security Agency and other agencies issued a joint advisory about mitigating ransomware threats.

Four federal agencies have issued a joint advisory warning of ongoing cyber threats against  systems that help operate various U.S. waterways and water systems.

Issued on Thursday evening, the advisory was formally issued by the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, the Environmental Protection Agency, and the National Security Agency. It identifies both IT and operation technology, or OT, networks within the U.S. Water and Wastewater Systems (WWS) Sector facilities as being vulnerable to “malicious cyber activity,” which could lead to interruptions in communities’ access to clean water. 

“This activity—which includes cyber intrusions leading to ransomware attacks—threatens the ability of WWS facilities to provide clean, potable water to, and effectively manage the wastewater of, their communities,” the advisory reads.

CISA listed several examples of water treatment facilities across the country that have suffered from malware attacks in 2021, including WWS plants in California, Maine and Nevada. 

The advisory stated that actors both known and unknown to authorities are behind the ongoing cyber threats. Some of the most common tactics they use include exploiting outdated operating and software systems used by WWS facilities. 

In the joint advisory, CISA and the other three agencies recommended a slew of mitigation techniques, including basic protocols like strong password protections, using a multifactor authorization software, and avoiding opening suspicious links. Officials also recommended updating emergency response plans annually to prevent and report potential incidents. 

”Recent ransomware incidents and ongoing threats demonstrate why all critical infrastructure owners and operators should make cybersecurity a top priority,” said Eric Goldstein, the executive assistant director for cybersecurity at CISA, in a statement to Nextgov. “While vulnerabilities within the Water Sector are comparable to vulnerabilities observed across many other sectors, the criticality of water and wastewater infrastructure and recent intrusions impacting the sector reflect the need for continued focus and investment.”

Preventing cyberattacks carrying ransomware has been a paramount item on President Joe Biden’s agenda since the high-profile Microsoft Exchange data breach and the Colonial Pipeline hack that threatened to bottleneck oil supplies along the East Coast. In the wake of the latter, Biden signed an executive order to strengthen government response to cyber attacks.