"US Government Warns of Insider and Ransomware Threat to Water Plants"

The FBI, the Cybersecurity and Infrastructure Security Agency (CISA), the Environmental Protection Agency (EPA), and the National Security Agency (NSA) have issued an alert warning of ongoing malicious cyber-activity targeting the country’s water and wastewater systems (WWS) sector.  The U.S. authorities highlighted multiple tactics, techniques, and procedures (TTPs) being used by a range of actors in an attempt to compromise IT and OT systems.  These include spear-phishing, exploitation of insecure RDP, targeting of unsupported or outdated operating systems and software, and exploitation of control system devices with vulnerable firmware.  The alert refers to multiple incidents over the past two years, mainly ransomware attacks, including a September 2020 attack on a New Jersey-based WWS facility, a March 2021 compromise at a Nevadan plant, and an August 2021 attack on a Californian WWS site.  The alert stated that attacks threaten the ability of WWS facilities to provide clean, potable water and effectively manage the wastewater of their communities.  The agencies pointed out that the alert does not mean the WWS sector is being targeted more than other industries, merely that plant owners should be aware of ongoing cyber risks to their operations.  

Infosecurity reports: "US Government Warns of Insider and Ransomware Threat to Water Plants"