Connect with us

A Cybersecurity Warning Caused the EPA to Issue a Nationwide Drinking Water Warning Over Concerns for National Security

Two men wearing hard hats and PPE stand on the bridge of a water treatment plant
Source: Hugh Hastings/Getty Images

The Environmental Protection Agency (EPA) issued an alert on Monday urging thousands of water utility systems to take action to protect drinking water from cyberattacks. The group hopes that by issuing the alert, water treatment plants and utility companies will be ahead of any disasters or attacks.

The alert comes at a time when cybersecurity attacks have been prevalent throughout multiple industries in the U.S.

Most Water Systems Fail To Meet Code

Source: Ivan Bandura/Unsplash

In a recent report, federal agencies found that more than 70% of the United States drinking water systems don’t fully comply with the Safe Drinking Water Act requirements.

The EPA added that many water utility companies lack critical cybersecurity protections. Customer data can easily be accessed by sophisticated hackers who intend to penetrate web pages and servers. Even more, hackers can infiltrate systems to stop the flow of drinking water, alter the usage of chemicals, and more. 

Recent Cyber Attacks Compromised a Third of All American’s Data

Sora Shimazaki/Pexels

A recent cyberattack on a UnitedHealth Group subsidiary compromised the detailed billing information of almost a third of all U.S. residents. A group of hackers by the monicker “BlackCat” shut down the billing system that accounts for billions of dollars collected daily.

The company was able to reinstate its billing process when the company’s CEO wired the hackers $22 million as a ransom payment. The attack that took place in February is still under investigation, and the full scope of compromised data has yet to be determined.

Potential Impacts of Cyberattacks

Source: Freepik

The full implications of cyberattacks on water utility companies have yet to be fully known. But for now, the possibilities include interruptions to water treatment and storage and damage to pumps and valves. Chemicals used in water and sewage treatment facilities could also be altered to a dangerous level.

The EPA warns that hackers could interrupt the computer processes that help many water facilities run. In a press release, EPA Deputy Administrator Janet McCabe said, “In many cases, systems are not doing what they are supposed to be doing, which is to have completed a risk assessment of their vulnerabilities that includes cybersecurity and to make sure that plan is available and informing the way they do business.”

Possible Culprits Identified

Source: Egor Filin/Unsplash

The press release details that China, Russia, and Iran have “disrupted some water systems with cyberattacks and may have embedded the capability to disable them in the future.”

The constant manipulation by foreign governments has raised concerns about national security in the past. Recently, Russia has been accused of attempting to interfere with the 2024 U.S. Presidential election.

Recent Cyberattacks: a Warning of More To Come

In late 2023, an Iranian hacker group known as “Cyber Av3ngers” threatened a small Pennsylvania town’s water provider. A utility company in Texas faced similar threats when a Russian-linked “hacktivist” group attempted to disrupt regular operations.

More cyberattacks were recorded when a group in China called “Volt Typhoon” compromised multiple infrastructure systems, including drinking water in the U.S. and worldwide. Experts warn that more attacks are expected as the world becomes increasingly accessible online.

The White House Warned of Water-Related Attacks in March

Source: Wikimedia Commons

The EPA’s alert on Monday closely follows the White House’s warnings in March that potential attacks threatened the U.S.’s water systems.

The White House issued a letter to all 50 U.S. governors detailing detailed information. The letter noted that the Iranian Government Islamic Revolutionary Guard Corps (IRGC) has executed several “malicious cyberattacks” against drinking water systems and other infrastructure.

Water Systems are Attractive Targets for Hackers

Source: @no_okiedoke/X

Micheal S. Regan, an EPA administrator, and White House National Security Adviser Jake Sullivan wrote that “Drinking water and wastewater systems are an attractive target for cyberattacks because they are a lifeline critical infrastructure sector but often lack the resources and technical capacity to adopt rigorous cybersecurity practices.”

Cutting off essential services to residents could pose an immediate danger. Hackers often look for the most vulnerable systems that they can exploit to accomplish their goals.

Better Training Needed for Water Utility Companies

Source: Kristine Wook/Unsplash

To better protect essential infrastructure, more comprehensive training and systems updates will be needed by the wastewater companies.

Better cyber security can only protect the American people and prevent covert attacks. Hackers often use weak spots in security systems to access detailed customer information or sensitive company processes.

The EPA Will Assist in Training Water Utility Companies

Source: Wikimedia Commons

To gain better security, smaller water companies will have the free assistance of the EPA to upgrade their security measures. McCabe said water providers should avoid using default passwords and will need to update their risk assessment plan in case of an emergency.

Water treatment plants also need functioning backup systems in case hackers can destroy them from the inside.

Cyberthreats Will Be Difficult To Deal with in the Expansive System

Source: @WaterUCIrvine/X

More than 50,000 community water providers operate throughout the U.S. Helping each of these small companies will be an expansive task. Many operate with minimal staff and tiny budgets without much room for costly cyber upgrades.

Most water providers in the country focus on meeting basic needs, providing clean water, and complying with basic regulations.

More Resources Are Needed To Resolve the Threat

Source: @TexasTech/X

Amy Hardberger, a water expert at Texas Tech University, said of the security overhaul, “Certainly, cybersecurity is part of that, but that’s never been their primary expertise. So, now you’re asking a water utility to develop this whole new sort of department.”

Forcing small utility companies to overhaul their systems or create entirely new departments is a lot to ask. The government will need more resources to assist in protecting national security on a small scale. 

Advertisement
Advertisement

You May Also Like

The Most Dangerous Tree in the World Grows in the United States – It’s 12,000x More Lethal Than a Rattlesnake

Thousands Of People Live Downstream From Dams- Most Do Not Realize The Potential Risks

Kroger CEO Defends High Prices, Claims It’s not The Company’s Fault

New Study: West Coast Faces an Imminent Catastrophic Earthquake – ‘The Big One’

Culture War in America Is Destroying the Media Industry

Creator of Ozempic Defends the High Price Point, Saying It’s Reducing the Cost of Obesity

World’s Largest Man-Made River Faces Challenges in $25 Billion Initiative

DeSantis Approved Religious Guidance in Florida Schools- Satanic Temple Vows to ‘Raise Hell’