On Tuesday, the White House and Environmental Protection Agency warned US governors in a letter that cyberattacks are hitting water and wastewater systems “throughout the United States”, and state governments and water facilities must improve their defenses against the threat.
“We need your support to ensure that all water systems in your state comprehensively assess their current cybersecurity practices,” said the letter to the governors from EPA Administrator Michael Regan and national security adviser Jake Sullivan.
The US water sector spans 150,000 public water systems and, in many cases, Regan and Sullivan said, “even basic cybersecurity precautions” are not in place at water facilities and “can mean the difference between business as usual and a disruptive cyberattack.”
The EPA also announced it will set up a “task force” to “identify the most significant vulnerabilities of water systems to cyberattacks,” among other pressing issues. White House officials invited state homeland security and environmental officials to a meeting to discuss cybersecurity improvements needed in the water sector.
Emily Phelps, Director, Cyware had this comment:
“The recent warnings from the White House and the EPA highlight a critical and growing threat to our nation’s infrastructure: cyberattacks targeting water and wastewater systems. This underscores the urgent need for investment in modern security capabilities to safeguard these essential services. The lack of fundamental cybersecurity precautions in many facilities poses a significant risk, potentially turning a minor breach into a major disruption. Ensuring the resilience of our water infrastructure against cyber threats is not just a matter of national security, but also of public health and safety, requiring collaborative efforts at all levels of government and between the public and private sectors.”
Dave Ratner, CEO, HYAS follows with this comment:
“The impact of a cyber attack on critical infrastructure, such as water systems, could be devastating and even life-impacting. It’s critical that everyone who provides critical infrastructure and services, not just water and wastewater systems, augment their security stack with resiliency-based approaches, such as Protective DNS, so they can detect in real-time any and all anomalous activity, render it inert before it causes damage, and ensure the safety of their services and the people who rely on them.”
John Gunn, CEO, Token adds this comment:
The biggest risk is the successful attacks on critical infrastructure that we have not yet detected. These are ticking time bombs. Imagine China invades Taiwan and we support our ally, or another scenario that leads to a broader conflict, China could then activate their earlier compromises and potentially cut off water, power, and other critical services for tens of millions of American citizens.
We’re all in this together. Thus we need to start acting like it or critical infrastructure will simply become the “go to” attack point for threat actors with citizens paying the price.
UPDATE: Mark B. Cooper, President & Founder, PKI Solutions supplied this comment:
“The recent communication from the White House and the EPA to US governors underscores the urgent need for cybersecurity in the water sector. With 150,000 public systems at risk and many lacking basic safeguards, the call for access to comprehensive security evaluations is critical. The formation of a task force to pinpoint vulnerabilities, along with planned strategic discussions and the appropriate funding it takes to implement the strategic plans, highlights the concerted effort needed to safeguard this critical infrastructure from cyber threats.
“Digital Certificates and the Public Key Infrastructure (PKI) that manages the digital certificates play a crucial role in providing advanced encryption methods that secures access and secures data, yet they are frequently underestimated and not managed properly. Posture Management for the Digital Certificates and the PKI needs to be a core requirement in the cybersecurity plans implemented to protect our water sector.”
Like this:
Like Loading...
Related
This entry was posted on March 21, 2024 at 8:30 am and is filed under Commentary with tags EPA, White House. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
White House And EPA Warn Governors Of Cyberattacks Hitting US Water Systems
On Tuesday, the White House and Environmental Protection Agency warned US governors in a letter that cyberattacks are hitting water and wastewater systems “throughout the United States”, and state governments and water facilities must improve their defenses against the threat.
“We need your support to ensure that all water systems in your state comprehensively assess their current cybersecurity practices,” said the letter to the governors from EPA Administrator Michael Regan and national security adviser Jake Sullivan.
The US water sector spans 150,000 public water systems and, in many cases, Regan and Sullivan said, “even basic cybersecurity precautions” are not in place at water facilities and “can mean the difference between business as usual and a disruptive cyberattack.”
The EPA also announced it will set up a “task force” to “identify the most significant vulnerabilities of water systems to cyberattacks,” among other pressing issues. White House officials invited state homeland security and environmental officials to a meeting to discuss cybersecurity improvements needed in the water sector.
Emily Phelps, Director, Cyware had this comment:
“The recent warnings from the White House and the EPA highlight a critical and growing threat to our nation’s infrastructure: cyberattacks targeting water and wastewater systems. This underscores the urgent need for investment in modern security capabilities to safeguard these essential services. The lack of fundamental cybersecurity precautions in many facilities poses a significant risk, potentially turning a minor breach into a major disruption. Ensuring the resilience of our water infrastructure against cyber threats is not just a matter of national security, but also of public health and safety, requiring collaborative efforts at all levels of government and between the public and private sectors.”
Dave Ratner, CEO, HYAS follows with this comment:
“The impact of a cyber attack on critical infrastructure, such as water systems, could be devastating and even life-impacting. It’s critical that everyone who provides critical infrastructure and services, not just water and wastewater systems, augment their security stack with resiliency-based approaches, such as Protective DNS, so they can detect in real-time any and all anomalous activity, render it inert before it causes damage, and ensure the safety of their services and the people who rely on them.”
John Gunn, CEO, Token adds this comment:
The biggest risk is the successful attacks on critical infrastructure that we have not yet detected. These are ticking time bombs. Imagine China invades Taiwan and we support our ally, or another scenario that leads to a broader conflict, China could then activate their earlier compromises and potentially cut off water, power, and other critical services for tens of millions of American citizens.
We’re all in this together. Thus we need to start acting like it or critical infrastructure will simply become the “go to” attack point for threat actors with citizens paying the price.
UPDATE: Mark B. Cooper, President & Founder, PKI Solutions supplied this comment:
“The recent communication from the White House and the EPA to US governors underscores the urgent need for cybersecurity in the water sector. With 150,000 public systems at risk and many lacking basic safeguards, the call for access to comprehensive security evaluations is critical. The formation of a task force to pinpoint vulnerabilities, along with planned strategic discussions and the appropriate funding it takes to implement the strategic plans, highlights the concerted effort needed to safeguard this critical infrastructure from cyber threats.
“Digital Certificates and the Public Key Infrastructure (PKI) that manages the digital certificates play a crucial role in providing advanced encryption methods that secures access and secures data, yet they are frequently underestimated and not managed properly. Posture Management for the Digital Certificates and the PKI needs to be a core requirement in the cybersecurity plans implemented to protect our water sector.”
Share this:
Like this:
Related
This entry was posted on March 21, 2024 at 8:30 am and is filed under Commentary with tags EPA, White House. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.