US water facilities have become a favored target for state-sponsored groups to test their ability to infiltrate infrastructure and remain unseen.
Just this year alone, groups from China, Iran, and Russia have all been spotted lurking in OT infrastructure systems used to control water facilities, with some of them even managing to divert water and cause overflows.
A silver lining?
Results from recent inspections of US water facilities have not been promising, with the EPA’s own testing revealing that 70% of water systems have failed to meet the cyber standards set out in the Safe Drinking Water Act (SDWA) since September 2023.
Hygiene is particularly important for water - both drinking and cyber - with the EPA finding frequent SDWA violations including simple cyber hygiene steps such as changing the default passwords provided on unprotected endpoints, which is exactly how a Russian state-sponsored group hacked into a water facility earlier this year.
Chinese based groups have frequently exploited living-off-the-land techniques to remain undetected within US infrastructure, with the EPA stating in its advisory that, “Foreign governments have disrupted some water systems with cyberattacks and may have embedded the capability to disable them in the future.”
The EPA further states that additional SDWA compliance will be enforced, and “where vulnerabilities are identified and may present an imminent and substantial endangerment to public health, enforcement actions may be appropriate under SDWA Section 1431 to mitigate those risks.”
Via The Verge.
More from TechRadar Pro
- Here is our guide to the best firewalls around today
- US government warns water services are being targeted in cyberattacks
- Get rid of that virus with the best malware removal tools on offer
