EPA says it will step up enforcement to address ‘critical’ vulnerabilities within water sector
2024-5-21 05:1:23 Author: therecord.media(查看原文) 阅读量:6 收藏

The U.S. Environmental Protection Agency on Monday urged water utilities to take action to improve their digital defenses, following a spate of recent cyberattacks.

The agency’s “enforcement alert” said that recent inspections of water systems found that more than 70 percent fail to meet basic cybersecurity standards, including some with “critical” vulnerabilities, such as relying on default passwords that haven’t been updated and single logins that “can easily be compromised.” 

The notice comes after a Russian hacktivist group claimed credit for digital assaults on water sites in Texas and Indiana. Late last year, Iran-linked Cyber Av3ngers group took responsibility for striking a water authority in Pennsylvania.

“Given the vulnerabilities and attacks on systems, EPA also will increase the number” of inspections of community water systems that “focus on cybersecurity,” the agency warned.

Earlier this year, the EPA — along with the FBI and Cybersecurity and Infrastructure Security Agency (CISA) — released a manual for the water industry with more information about cyber incident response.

The EPA is also working to establish a Water Sector Cybersecurity Task Force that could identify strategies to reduce the risk of cyberattacks against water systems.

The Office of the National Cyber Director earlier this month issued its second implementation plan that included more than 30 new initiatives for the federal government to address cyber threats to the nation, including promoting the adoption of best practices in the water sector.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.


文章来源: https://therecord.media/epa-enforcement-vulnerabilities-critical-water-sector
如有侵权请联系:admin#unsafe.sh