The US government has warned states about dangerous cyber attacks on water supplies and advised them to take countermeasures. In a letter to the governors, the White House points to attacks on such critical infrastructure that the Islamic Republic of Iran and the People's Republic of China are said to be behind. Such attacks could cut the “critical lifeline” that is clean and safe drinking water. To protect yourself, the simplest measures, which are only touched on in the letter, are sometimes enough. Reference is also made to information from the Cybersecurity and Infrastructure Security Agency CISA, which is aimed directly at waterworks.
Advertisement
Preparation for conflict
In the letter, the White House refers, among other things, to attacks that were attributed to the Iranian regime's Islamic Revolutionary Guard Corps. Technology used in waterworks was attacked and switched off – if the default password was not changed. The second example refers to a group called “Volt Typhoon”, which is said to be behind the Chinese government. It was caught in networks of critical facilities in the communications, energy, transport and water sectors. According to the letter, US authorities assume that “Volt Typhoon” is establishing itself there to paralyze the facilities in the event of “geopolitical tensions and/or military conflicts.”
The letter calls on governors to ensure that their water systems review their cybersecurity practices. This should identify and close significant vulnerabilities. At the same time, plans are needed to prepare for possible cyber attacks and to be able to resolve their consequences as quickly as possible. In many cases, it would be enough to change preset passwords or keep software up to date, write the head of the US Environmental Protection Agency and the national security advisor. They then refer to CISA’s tips.
(my)