CISA again raises alarm on hacktivist threat to water utilities

The Cybersecurity and Infrastructure Security Agency on Wednesday said threat groups are still exploiting vulnerable devices in various industrial targets — including water utilities — that are practicing weak cyber hygiene.

Exposed and vulnerable industrial control systems and operational technology environments can be hacked using unsophisticated methods, such as brute-force attacks and taking advantage of systems using default passwords, CISA said.

The agency’s alert echoes its warnings from earlier this year that Russia-affiliated hacktivists were targeting ICS/OT operators working in U.S. critical infrastructure facilities. The CISA guidance released in May detailed how hackers were using relatively simple techniques to attack smaller ICS and OT environments in the U.S. and Europe, including water, dams, energy, food and agriculture sectors.

CISA did not specify what specific incidents lead to the alert, but it comes just days after officials in Arkansas City, Kansas, disclosed an attack on a local water treatment facility.

“Despite the incident, the water supply remains completely safe, and there has been no disruption to service,” City Manager Randy Frazer said in an announcement posted on the city website.

The incident is under investigation by forensic specialists and government authorities.

Water warnings

Over the past year, CISA and other federal authorities have kept up a steady cadence of warning about state-linked threat activity, beginning with attacks in 2023 against water and wastewater facilities from hackers linked to Iran’s Islamic Revolutionary Guard Corps.

To read the complete article, visit Cybersecurity Dive.