The Environmental Protection Agency (EPA) issued an enforcement alert Monday urging water utility systems to take immediate actions to protect the nation’s drinking water from cyberattacks.
According to the EPA, recent federal inspections revealed that 70 percent of U.S. water systems inspected do not fully comply with requirements in the Safe Drinking Water Act. The agency added that some systems have “critical cybersecurity vulnerabilities, such as default passwords that have not been updated and single logins that can easily be compromised.”
“In many cases, systems are not doing what they are supposed to be doing, which is to have completed a risk assessment of their vulnerabilities that includes cybersecurity and to make sure that plan is available and informing the way they do business,” EPA Deputy Administrator Janet McCabe said in a press release.
The warning said China, Russia and Iran have “disrupted some water systems with cyberattacks and may have embedded the capability to disable them in the future.”
Late last year, an Iranian-linked group, “Cyber Av3ngers,” targeted multiple organizations, including a small Pennsylvania town’s water provider. Earlier this year, a Russian-linked “hactivist” group attempted to disrupt operations at several Texas utilities.
https://www.newsweek.com/drinking-water-warning-issued-nationwide-cyberattacks-epa-1902756