Cyberattacks on U.S. water utilities are escalating in frequency and severity, prompting urgent warnings from the U.S. Environmental Protection Agency for enhanced cybersecurity measures.
Michael Phillis and Matthew Daly report for Associated Press.
In short:
- Approximately 70% of inspected water utilities have violated cybersecurity standards, with recent attacks linked to Russia, Iran, and China.
- Water systems often fail to implement basic security measures such as changing default passwords and restricting access for former employees.
- Cyberattacks can disrupt water treatment and distribution, posing serious risks to public health.
Key quote:
“In many cases, systems are not doing what they are supposed to be doing, which is to have completed a risk assessment of their vulnerabilities that includes cybersecurity and to make sure that plan is available and informing the way they do business.”
— Janet McCabe, EPA Deputy Administrator
Why this matters:
Securing water supplies against cyberattacks is necessary for public health and safety. With threats to critical infrastructure on the rise, robust cybersecurity practices are essential to protect vital services. Read more: U.S. intel chief warns of devastating cyber threat to U.S. infrastructure.
