The U.S. Environmental Safety Company (EPA) mentioned it is forming a brand new “Water Sector Cybersecurity Job Pressure” to plot strategies to counter the threats confronted by the water sector within the nation.
“Along with contemplating the prevalent vulnerabilities of water techniques to cyberattacks and the challenges skilled by some techniques in adopting greatest practices, this Job Pressure in its deliberations would search to construct upon present collaborative merchandise,” the EPA mentioned.
In a letter despatched to all U.S. Governors, EPA Administrator Michael Regan and Nationwide Safety Advisor Jake Sullivan highlighted the necessity to safe water and wastewater techniques (WWS) from cyber assaults that would disrupt entry to scrub and secure consuming water.
A minimum of two risk actors have been linked to intrusions focusing on the nation’s water techniques, together with these by an Iranian hacktivist group named Cyber Av3ngers in addition to the China-linked Volt Hurricane, which has focused communications, vitality, transportation, and water and wastewater techniques sectors within the U.S. and Guam for no less than 5 years.
“Consuming water and wastewater techniques are a lovely goal for cyberattacks as a result of they’re a lifeline essential infrastructure sector however typically lack the sources and technical capability to undertake rigorous cybersecurity practices,” Regan and Sullivan mentioned.
The event coincides with the launch of a brand new reality sheet from the U.S. Cybersecurity and Infrastructure Safety Company (CISA), urging essential infrastructure entities to defend in opposition to the “pressing threat posed by Volt Hurricane” by implementing safe by-design rules, sturdy logging, safeguarding the provision chain, and rising consciousness of social engineering techniques.
“Volt Hurricane have been pre-positioning themselves on U.S. essential infrastructure organizations’ networks to allow disruption or destruction of essential companies within the occasion of elevated geopolitical tensions and/or army battle with the USA and its allies,” the company cautioned.
Cybersecurity agency SentinelOne, in a report revealed final month, revealed how China has launched an offensive media technique to propagate “unsubstantiated” narratives round U.S. hacking operations for over two years.
“Repeating China’s allegations helps the [People’s Republic of China] form international public opinion of the U.S. China needs to see the world acknowledge the U.S. because the ’empire of hacking,'” Sentinel One’s China-focused advisor Dakota Cary mentioned.
“The truth that China is lodging allegations of US espionage operations remains to be notable, offering perception into the connection between the US and China, even when China doesn’t help its claims.”
