Organizations related to water treatment plants and water supply agencies are a critical part of the public infrastructure. Although cyberattacks on water facilities have not grabbed headlines nearly as much as other public utilities, their failure may have an impact as severe as the failure of a national power grid. A recent failed attack on Israel's Water Authority facilities also highlights the fact that how attacks on these low profile organizations may have a high impact.
What happened
In April 2020, an Islamic hacktivist group, dubbed the ‘Jerusalem Electronic Army’ (or J.E.Army), had targeted the Israeli Water Authority facilities.
The cyberattack was launched on control and control systems of wastewater treatment plants, pumping stations, and sewers, and it was a potential attempt to raise the level of chlorine in the water supply.
Although the attack was quickly identified and remediated, the security agencies urged all the companies active in the energy and water sectors to change passwords for all internet-connected systems.
A successful cyberattack could have caused the supply of water with increased levels of chlorine to the end-users, thereby leading to fatal disasters.
Previous attacks
There have been several occasions when the cybercriminals have specifically targeted waterworks or water treatment agencies.
In January 2020, Greenville Water, which serves nearly 500,000 residents of the Upstate region of South Carolina, announced it had suffered a targeted cyberattack that affected online payments for half a million people.
In December 2019, the water department in the Aurora City announced that personal information of some of the Aurora Water customers may have been compromised through a data breach.
Other threats
Besides cyber attacks, water utilities also face threats of exposure due to vulnerabilities in the Industrial Control Systems (ICS) used by them.
In February 2020, the C-more Touch Panels, which are used by commercial, critical manufacturing, energy, water, and wastewater facilities, were found to be vulnerable. The vulnerability, CVE-2020-6969, could allow attackers to unmask credentials and other sensitive information on unprotected project files.
Staying protected
The water infrastructure requires regular monitoring to not only detect the latent threats on the network but also identify any anomalies that might be indicative of an intrusion. Having a comprehensive set of cybersecurity regulations and practices can also help avoid such cyber incidents.