"Attempted Cyberattack Highlights Vulnerability of Global Water Infrastructure"

Recently there were assault attempts on control and control systems of wastewater treatment plants, pumping stations, and sewers, according to Israel's National Cyber directorate.  In the US alone, there are an estimated 70,000 water utilities.  The water utilities are vulnerable to attacks because most of them are small and have almost no cybersecurity expertise among staff members.  The water industry has no regulatory requirements when it comes to cybersecurity.  There is a Water Information Sharing and Analysis Center (WaterISAC), which serves as an all-threats security information source for the water and wastewater sector.  Any guidelines that are issued by the WaterISAC are voluntary, and many of the water companies do not have the resources to implement them.  Employees that work at water facilities are very concerned about cybersecurity threats.  Usually, only one or two IT people work at each water facility.  Usually, the IT personnel understand where the vulnerabilities are, but they are not given adequate resources to help protect known vulnerabilities.

CSO reports: "Attempted Cyberattack Highlights Vulnerability of Global Water Infrastructure"