“Disabling cyberattacks” are targeting drinking water and wastewater systems across the United States, government officials have warned.
The national security advisor and the head of the U.S. Environmental Protection Agency warned governors about these attacks in a letter dated Tuesday.
The letter to governors warned that these attacks have the potential to disrupt clean and safe drinking water, and impose significant costs on affected communities.
They described the nature of these threats and asked for cooperation to secure water systems against the increasing risks from and consequences of these attacks.
National Security Advisor Jake Sullivan and Environmental Protection Agency Administrator Michael Regan highlighted two recent and ongoing alleged threats by Iranian and Chinese hackers in their letter.
They referred to a case where hackers disabled a controller at a water facility in Pennsylvania and mentioned a Chinese hacking group called “Volt Typhoon” which they said had compromised information technology of multiple critical infrastructure systems, including drinking water, in the United States and its territories.
They asked the governors to ensure that all water systems in their state comprehensively assess their current cybersecurity practices and be prepared for potential cyber incidents.
The letter said that drinking water and wastewater systems are an attractive target for cyberattacks because they are a lifeline critical infrastructure sector but often lack the resources and technical capacity to adopt rigorous cybersecurity practices.
The digital safety of water and sewage plants has long been a concern for cybersecurity professionals because the facilities provide a critical service and can often be lightly defended.
More to come.
— with files from Reuters
