July 7, 2021 — At least half of municipal water systems in the United States are facing either critical or high risks of cyber attacks, NBC News reports. These systems have been vulnerable since at least 2017, leaving years for hackers to practice exploiting them. In a June 17 report, NBC alleged that there are “50,000 security disasters waiting to happen.” The report describes a January 15 incident where a hacker tried to poison the water supply to parts of San Francisco, California that was thwarted and a Oldsmar, Florida incident where a hacker gained access to a TeamViewer account and raised the levels of lye in the drinking water to poisonous levels. An employee quickly caught the computer’s mouse moving on its own, and undid the hacker’s changes. According to NBC, rural areas are particularly threatened because their water systems do not have dedicated cybersecurity staff.
Practical Cybersecurity Maintenance Tips for Water Suppliers.
Industry leader Water Online has an extensive list of “resiliency resources” that includes tool kits and other resources to help water providers tighten their cybersecurity and improve other water management technologies. Its column, Cybersecurity Hygiene Is Effective Preventive Maintenance, offers a list of things that can easily be done to prevent cyber threats. From data backup to updating software, the column gives bullet-style lists of exactly what should be done.
Politico’s Eric Geller warns that President Biden’s infrastructure plan needs to address cybersecurity. “Biden’s plan includes $211 billion for upgrading the United States’ power and water infrastructure. These systems’ paramount importance to daily life also makes them top targets for hackers and top priorities for security funding,” Geller writes.
About a month after Politico’s article was published, an executive order was issued by the administration that establishes several timelines for enhancing the nation’s cybersecurity. Among other things, the order removes threat information sharing barriers between the federal government and private sector and establishes a Cyber Safety Review Board that includes the private sector.
While the executive order may be a step toward better security, a survey conducted in April and published in June 2021 by the Water Information Sharing and Analysis Center and the Water Sector Coordinating Council paints a bleak picture of where things currently stand. Summarizing the survey, GCN reports that many utilities “do not have access to a cybersecurity workforce. Operating in the background is that these utilities are struggling to maintain and replace infrastructure, maintain revenues while addressing issues of affordability, and comply with safe and clean water regulations.” In short, water utilities need funding to address cyber concerns.
Water providers and utilities across the United States face growing cybersecurity challenges, and many are unprepared. This article links resources that could help.
Since 1995, Deborah has owned and operated LegalTech LLC with a focus on water rights. Before moving to Arizona in 1986, she worked as a quality control analyst for Honeywell and in commercial real estate, both in Texas. She learned about Arizona's water rights from the late and great attorney Michael Brophy of Ryley, Carlock & Applewhite. Her side interests are writing (and reading), Wordpress programming and much more.
Groundwater pumping and climate change are drying Arizona's Upper Verde River, threatening wildlife and regional water resources, says a recent report.
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Leave a Reply