Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

USA: CISA, FBI, EPA, and NSA publish cyber threat advisory to water and wastewater systems

The Cybersecurity and Infrastructure Agency ('CISA') published, on 14 October 2021, together with the Federal Bureau of Investigation ('FBI'), the Environmental Protection Agency ('EPA'), and the National Security Agency ('NSA') an advisory to highlight ongoing malicious cyber activity by both known and unknown actors targeting the IT and operational technology ('OT') networks, systems, and devices of U.S. Water and Wastewater Systems ('WWS') Sector facilities. In particular, the advisory outlines that the cyber activity, which includes attempts to compromise system integrity via unauthorised access, threatens the ability of WWS facilities to provide clean, potable water to, and effectively manage the wastewater of, their communities. 

In addition, the CISA notes the following immediate actions WWS facilities can take to protect against malicious cyber activity:

  • do not click on suspicious links;
  • if you use Remote Desktop Protocol, secure and monitor it;
  • use strong passwords; and
  • use multi-factor authentication.

Moreover, the advisory outlines the following recommendations for WWS facilities to mitigate cyber threats:

  • WWS monitoring;
  • remote access mitigations;
  • network mitigations;
  • planning and operational mitigations; and
  • safety system mitigations.

You can read the advisory here.