The White House warns US states about recent indications that state hackers want to attack water companies. The federal government is calling on states to be vigilant and increase security. Iranian and Chinese state hackers are said to be hacking the companies.
Hackers are said to be targeting water and sewer companies, the US federal government writes. For example, hackers affiliated with the Iranian government are said to hack water companies with the aim of disabling 'operational technology'. To do this, they abuse systems for which the default password of 1111 has not been changed.
In addition, hackers from Volt Typhoon are said to hack the IT systems of critical services, including water companies. According to the White House, this group is funded by the Chinese government. Volt Typhoon's behavior is said to be 'not in line with traditional cyber espionage'. The federal government believes 'with a high degree of certainty' that Volt Typhoon is preparing to disrupt critical services in the event of 'geopolitical tensions and/or military conflicts'.
According to the White House, drinking water and sewer companies are attractive targets because they are critical services but often do not have enough resources to properly protect themselves. The White House therefore wants states to take measures to reduce risks, such as examining the current cybersecurity state of water utilities and drawing up emergency response plans. “In many cases, simple cybersecurity precautions, such as changing default passwords or installing updates to patch vulnerabilities, are not in use. This can mean the difference between business as usual and a disruptive cyber attack.”
It White House points out that government agencies such as the Environmental Protection Agency and the Cybersecurity and Infrastructure Security Agency are providing assistance to water utilities to continue performing those critical tasks. EPA also says it wants to establish a Water Sector Cybersecurity Task Force to help water companies secure their systems.