Connect with us

Hi, what are you looking for?



Water Sector Security Report Released Just as Another Water Plant Hack Comes to Light

Cybersecurity report released for the U.S. water sector

Cybersecurity report released for the U.S. water sector

The Water Sector Coordinating Council last week announced a new cybersecurity report focusing on water and wastewater utilities in the United States. The release of the report coincided with news that a threat actor in January attempted to poison the water at a facility in the U.S.

The Water Sector Coordinating Council describes itself as “a policy, strategy and coordination mechanism for the Water and Wastewater Sector in interactions with the government and other sectors on critical infrastructure security and resilience issues.”

The organization in April surveyed 606 individuals working at water and wastewater utilities in the U.S. to get a better understanding of the sector in terms of cybersecurity.

According to the report made public on June 17, 356 of respondents said they did not experience any IT security incident in the past year. Three respondents said they experienced 5 or more incidents and 83 reported 1-4 incidents in the last 12 months.

When it comes to cyber incidents involving operational technology (OT) systems, 410 respondents reported no incidents, 25 said they experienced 1-4 incidents, and one organization admitted suffering 5 or more incidents.

The same day the report was published, NBC News revealed that a hacker attempted to poison an unnamed water treatment plant that serves parts of the San Francisco Bay Area on January 15.

NBC obtained the information from a private report created by the Northern California Regional Intelligence Center in February. According to that report, the hacker used a former employee’s TeamViewer account to gain access to systems at the water facility and started deleting programs used for treating drinking water.

Advertisement. Scroll to continue reading.

In February, law enforcement revealed that hackers had remotely accessed systems at the water plant in Oldsmar, a small city in Florida, and attempted to elevate levels of a certain chemical, putting the public at risk of being poisoned.

Then, in March, the U.S. Justice Department announced charges against a former Kansas utility worker accused of remotely tampering with a public water system’s cleaning procedures.

The 22-page report released last week by the Water Sector Coordinating Council contains some interesting information on the cybersecurity needs and challenges of this sector in the United States.

“Like all sectors, water and wastewater systems are targets, directly or indirectly, of cyber attackers, but complicating any set of solutions is the demographics of the sector. There are approximately 52,000 community water systems and approximately 16,000 wastewater systems in the United States,” the report reads.

“Among these utilities are a wide range of capabilities and capacities for cybersecurity enhancement. Many are subject to economic disadvantages typical of rural and urban communities. Others do not have access to a cybersecurity workforce. Operating in the background is that these utilities are struggling to maintain and replace infrastructure, maintain revenues while addressing issues of affordability, and comply with safe and clean water regulations,” it explains.

Related: Probe Into Florida Water Plant Hack Led to Discovery of Watering Hole Attack

Related: Industry Reactions to U.S. Water Plant Hack: Feedback Friday

Related: Hack Exposes Vulnerability of Cash-Strapped US Water Plants

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.