Federal Agencies Warn Water Sector of Cyber Threats
A joint advisory outlines steps for water and wastewater systems to defend against ongoing exploitation of operational technology.
Federal authorities issued a joint cybersecurity advisory Tuesday warning U.S. water and wastewater systems of ongoing threats from Iranian-affiliated cyber actors.
The EPA, FBI, CISA, and the NSA released the guidance following reports of exploitation across multiple critical infrastructure sectors. According to the advisory, these attacks have targeted operational technology, leading to configuration wiping, mechanical sensor tampering, and the disruption of human-machine interfaces.
The disruptions have resulted in operational downtime and financial losses for affected facilities. Officials noted that the water sector remains a primary target for groups seeking to interfere with U.S. infrastructure.
The advisory provides technical details to help utilities identify specific vulnerabilities. Recommended security measures often involve procedural changes and configuration updates rather than significant capital investment in new hardware or software.
The EPA currently provides free cybersecurity assessments and technical assistance to help utilities identify gaps and develop risk mitigation plans. Authorities are urging water system operators to report suspicious activity or criminal incidents to the FBI Internet Crime Complaint Center or the CISA Incident Reporting System.
About the Author
Jesse Jacobs is Assistant Editor of EPOnline.com.
