February 21, 2024 at 01:45PM
CISA, the FBI, and the EPA have released a fact sheet outlining top cybersecurity measures for U.S. water utilities. Recommendations include reducing exposure of assets, changing passwords, patching vulnerabilities, and conducting regular cybersecurity training. The agencies also issued a guide and free security scan program to help utilities secure their systems amidst growing cyber threats.
Based on the meeting notes provided, the key takeaways are as follows:
– CISA, the FBI, and the EPA have released a fact sheet outlining defense measures for U.S. water utilities to improve resilience against cyber threats.
– The top eight actions for U.S. water and wastewater systems include reducing exposure of key assets, conducting regular cybersecurity assessments, changing default or insecure passwords, implementing multifactor authentication, creating inventories of assets, backing up systems regularly, patching or mitigating known vulnerabilities, and developing and exercising cybersecurity incident response and recovery plans.
– Water facilities worldwide have been targeted by cyberattacks in recent years, prompting CISA, the FBI, and the EPA to issue an incident response guide and release a free security scan program to help secure systems.
– Several ransomware attacks have affected water utilities, including those at Veolia North America, Southern Water, a South Houston wastewater treatment plant, the Southern California Camrosa Water District, and a Pennsylvania water system.
These takeaways highlight the severity of cyber threats to water utilities and the efforts being made to enhance cybersecurity and incident response in the sector.