On November 21, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) and the Office of the Director of National Intelligence (ODNI) issued new guidance aimed at safeguarding critical infrastructure installations against foreign threats. This announcement coincided with National Critical Infrastructure Security and Resilience Month, underscoring the importance of protecting essential services that are vital for national security and public health. The guidance highlights that U.S. adversaries are increasingly exploiting vulnerabilities in critical infrastructure, leading to disruptions that can have serious implications for public safety. [742e1eaf]
The advisory outlines key indicators of foreign targeting, such as unexplained outages and unusual cyber activity. To counter these threats, CISA and ODNI recommend that infrastructure owners develop comprehensive security strategies, maintain visibility over their supply chains, and implement robust access controls. Additionally, the Department of Homeland Security (DHS) has released recommendations focused on the security of artificial intelligence systems used within critical infrastructure. [742e1eaf]
This guidance comes amid ongoing concerns about cyber threats from Russian intelligence agencies, which have been actively targeting government entities, technology firms, and financial institutions. On October 11, 2024, the UK and US issued a joint cyber warning detailing tactics employed by Russia's Foreign Intelligence Service (SVR) to exploit publicly disclosed vulnerabilities. This warning emphasized the urgent need for organizations to bolster their cyber defenses, particularly in light of the ongoing conflict in Ukraine. [16982910]
In the context of these threats, US officials have previously raised alarms about a rising tide of cyberattacks targeting water and sewage systems across the nation. National Security Advisor Jake Sullivan and Environmental Protection Agency Administrator Michael Regan noted specific instances of disabling cyber assaults on vital water infrastructure, with perpetrators including Iranian and Chinese cyber operatives. The attacks have resulted in significant risks to clean drinking water and economic burdens on affected communities. [1b62eb28]
Moreover, Deputy National Security Advisor Anne Neuberger pointed to recent cyberattacks by the Iranian hacker group 'Cyber Av3ngers' on American organizations, which, while unsophisticated, serve as a reminder of the persistent cyber threats faced by the US. The Iranian hackers specifically targeted organizations using programmable logic controllers made by the Israeli company Unitronics, which are commonly used by water treatment utilities. [0a919c68]
A report from cyber defense group Mandiant also linked the Russian hacking group 'Sandworm' to a cyberattack that caused a Texas water tank to overflow, highlighting the vulnerability of critical infrastructure to cyber threats. This incident underscores the urgent need for increased cybersecurity measures to protect water and sewage systems from malicious actors. [ec9037a9]
As small-town water systems in the United States become targets for cyberattacks by adversarial national governments, the increasing number and intensity of these attacks raise significant concerns for public safety and policy. The lack of cybersecurity measures in many water facilities, particularly small public systems, poses a considerable risk. Close coordination between government and industry is essential to defend against cyber threats, ensuring safe and reliable water for communities while balancing security needs. [40370455]