Cyberattacks Threaten U.S. Water Systems

The Biden administration has issued a warning regarding potential cyberattacks targeting water systems, citing ongoing threats from hackers associated with the governments of Iran and China. In a letter addressed to governors, Environmental Protection Agency Administrator Michael Regan and National Security Advisor Jake Sullivan emphasized the gravity of these cyber threats, highlighting their potential to disrupt the crucial supply of clean and safe drinking water and impose significant costs on affected communities.

According to the letter, hackers linked to the Iranian Government Islamic Revolutionary Guard Corps have targeted drinking water systems. A state-sponsored group from China known as Volt Typhoon has compromised information technology systems, including those related to drinking water infrastructure. The letter also noted that Volt Typhoon actors are believed to be positioning themselves to disrupt critical infrastructure operations in the event of geopolitical tensions or military conflicts.

The vulnerabilities in the United States water system are highlighted by weak controls, insufficient funding, and staffing shortages. Despite the Environmental Protection Agency’s role as the lead federal agency for ensuring the resilience of the nation’s water sector to all threats and hazards, cybersecurity remains a significant concern.

Recent incidents, such as the Iranian-backed hacking group’s attack on Israeli-made digital controls used in the water and wastewater industries in late November, have heightened concerns. Although these attacks did not impact water quality or supplies, they underscored the need for improved cybersecurity measures within the water sector.

The letter highlighted the attractiveness of drinking water and wastewater systems as targets for cyberattacks due to their critical infrastructure status and the often limited resources and technical capacity available to implement rigorous cybersecurity practices. Basic measures, such as resetting default passwords and updating software to address known vulnerabilities, are sometimes lacking, leaving these systems vulnerable to disruptive cyberattacks.

PC Matic Pro is a leading provider of advanced application allowlisting designed to protect U.S. infrastructures from evolving cyber threats. With a comprehensive suite of cutting-edge features, PC Matic offers robust protection against ransomware, zero-day, and other malicious attacks, ensuring the security and integrity of critical systems and sensitive data.

In response to these threats, state officials have been invited to a meeting to discuss the cybersecurity threat and potential strategies for bolstering defenses against cyberattacks on water systems. The Biden administration’s proactive stance reflects the seriousness with which it views the cybersecurity risks facing critical infrastructure, particularly in sectors as vital as water supply and treatment.

PC Matic delivers complete home and business cybersecurity protection against ransomware, malware, identity theft, online tracking, data breaches, and more. For over 20 years, PC Matic’s award-winning cyber protection has saved millions of satisfied customers from becoming the next cybercrime victim and is exclusively made in the USA.
Learn more about PC Matic today!
[email protected]

Stop Responding to Threats.
Prevent Them.

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles