As technology becomes increasingly intertwined with how the United States operates its critical infrastructure, the risk of cyber attacks against vital public services is also increasing. Recent incidents involving hacks on public water systems have underscored the urgent need to protect essential services from cyber attacks.
The United States Federal Bureau of Investigation now ranks cybercrime as one of its most important law enforcement activities. In a statement from the United States Department of Energy, "In addition to the general problems associated with cybercrime, critical infrastructure related to energy production, manufacturing, water supply and other systems have come under attack."
Recent reports indicate a staggering 4,000 percent increase in attacks in the United States since 2013, underscoring the need for robust cybersecurity practices. This is emphasized as geopolitical tensions escalate worldwide, making the susceptibility of vital public services increasingly transparent.
A hacking group with ties to the Russian government is suspected of carrying out an attack against Muleshoe, TX, with several attempts against other rural Texas towns including Lockney and Hale Center.
And while Muleshoe was the victim, it's possible the town itself was not the actual target of the attack.
“Bad actors can sometimes hack into other systems that give them access to that software,” said SitePro Marketing Manager, Kembra Howell in a report to KCBD.
FBI Director Christopher Wray testified before Congress just last week that Chinese hackers were preparing to "physically wreak havoc" on United States critical infrastructure. In a Fox News report, Wray claimed the hacking campaign "has embedded itself successfully in several American critical infrastructure companies that include telecommunications, energy and water, and others."
Which is why several government agencies are warning infrastructure operators to take action against future cyber attacks.
Understanding the Threat:
Critical infrastructure, comprising of systems vital for the functioning of society, has emerged as a prime target. This includes water, wastewater, and energy systems. Because cyber threats are unfortunately becoming more common, municipalities and other governing entities need to be proactive to protect against breaches, hacks, and ransoms.
So How are Water Utilities Affected?
More and more public water systems are incorporating technology into their systems. Nowadays, SCADA (supervisory control and data acquisition) systems are essential for efficient operations in most water systems across the country. That computer technology in itself can make systems susceptible to cyberthreats. As more infrastructure becomes capable of communication, control, and data acquisition, cybersecurity must become of utmost importance.
The Environmental Protection Agency (with assistance from the United States Department of Homeland Security) is in charge of detection research and response among public water systems. According to the EPA, under a cyber attack, "water system operators can lose their ability to track the true status of the water system. Thus, water system managers need to improve their ability to know:
READ MORE: "Water Security: How Safe is Our Nation's Most Precious Resource?"
Protecting Drinking Water Systems Specifically
The good news is, simple cybersecurity practices can be very effective in eliminating vulnerabilities. And while most water managers are unfamiliar with information technology and maybe even SCADA technology (especially smaller public water systems), there are simple ways to promote a cybersecurity culture. Here are a few tips recommended by the EPA:
WATCH: KCBD: "Lubbock software solutions company offers tips to guard against cyberattacks"
SitePro partners with public water systems of all sizes to help them securely manage their critical water infrastructure. Our award-winning software has been recognized by various government entities such as the Department of Defense, Homeland Security, Army, Navy and Air Force for its impact on national security.
Users can easily be added and removed to your SitePro platform, so only authorized operators have access to your critical infrastructure. Our customer success team also ensures your water operators are properly trained in using the software, so you can monitor and control your water and wastewater operations with confidence.
To learn more about our technology and how to leverage it to protect your water and wastewater systems, give us a call at 806-687-5326.