Authorities in Poland and the United States have warned that hackers have gained, or attempted to gain, access to water treatment systems, a serious threat to critical public utilities around the world. The incidents include intrusions into water supply industrial control systems that could disrupt critical services.

What issue with water treatment plants does the cyber alert call out?

Security experts in Poland reported that attackers were able to access several water treatment plants, and cyber experts in the United States confirmed such attacks on water treatment plants there.

The breaches were reportedly linked to access to industrial control systems (ICS) that control important site operations such as water filtration, chemical dosing and pumping.

Analysis by Poland's internal security agency revealed that in some cases attackers were able to gain access to operational systems and manipulate water treatment processes.

What went wrong in Poland’s water system?

Polish intelligence services revealed that at least five water treatment plants were targeted by cyber criminals attacking different municipalities.

The results of the investigation:

  • Hackers compromised industrial control systems (ICS) at multiple facilities.
  • In certain instances they were able to adjust operating conditions.
  • The attacks posed a “direct risk” to the continuity of water supply.
  • Poor passwords and internet-connected systems were significant weaknesses.
  • The wider campaign was also connected to continued geopolitical activity on the networks of critical infrastructure in Europe.

The Polish internal security agency stated that these incidents are part of a larger trend of constant cyber pressure on essential services.

What is the cyber alert in the United States about?

U.S. cybersecurity officials have confirmed that such attacks are also being seen in water systems in the United States.

No significant disruption has been reported in connection with the latest warning, but U.S. agencies have long cautioned that water systems are a high-risk target because of aging systems and vulnerable operational networks.

One of the standout events is the 2021 hack of a water plant in Oldsmar, Florida, where the hacker was able to temporarily access the plant and try to modify the chemical levels.

U.S. agencies such as the Cybersecurity and Infrastructure Security Agency (CISA) have repeatedly encouraged utilities to strengthen their password protection, isolate their industrial systems and limit their exposure to the internet.

So why the focus on water treatment plants?

The water sector is classified as critical national infrastructure, and is a target for cyber threat actors.

Main reasons these systems are targeted:

High societal impact

The interruption of water supplies can rapidly affect public health and safety.

Legacy industrial systems

Many facilities still run older control systems that are not very secure.

Remote accessibility risks

Others are connected directly to the internet for monitoring.

Low cybersecurity staffing

Small municipal utilities may not have security staff.

Attackers take advantage of weak points like default passwords and unpatched systems rather than advanced hacking techniques, experts say.

What is the threat to the public drinking water supply?

As of now, there is no evidence of broad disruption to drinking water systems in either Poland or the U.S. The potential impact of such breaches is, however, serious, cybersecurity experts warn.

Successful attacks on industrial control systems can lead to:

  • Disruption of water supply distribution
  • Incorrect chemical dosing in treatment processes
  • Temporary shutdown of plant activities
  • Loss of services to affected communities

Nevertheless, most current attacks are either detected early or prevented from inflicting any physical damage with the help of monitoring systems and manual overrides.

What are governments doing to respond?

Both Poland and the U.S. have stepped up their cyber defense of critical infrastructure.

Key response actions:

  • Enhanced monitoring of water utility networks
  • Mandatory cybersecurity audits for critical facilities
  • Advice from national cyber agencies (CISA in the U.S., for example)
  • Investment in upgrading industrial control systems (ICS)
  • Better coordination between government and utility operators

The bigger picture is now about protecting operational technology (OT) systems: the hardware and software used to physically operate systems such as water, energy and transport.

This alert is relevant the world over.

Water facilities are just one of a growing number of essential service sectors being targeted in cyber attacks, experts warn.

Comparable risks are reported in:

  • Energy grids
  • Wastewater treatment systems
  • Transportation control networks
  • Industrial manufacturing systems

The concern is not only data theft but tangible disruption of physical systems, which makes these attacks much more harmful than traditional cyber attacks.

FAQ

In the water treatment plant cases, what did the hackers do?

Hackers are said to have breached the industrial control systems (ICS) of water treatment plants. In some cases they were able to access systems that would enable operational adjustments, putting the safety of water supplies at risk.

Which countries do these cyber attacks affect?

Both the Polish and the U.S. warnings were issued recently, with cybersecurity analysts reporting similar attacks in Europe and other parts of the world.

Is the drinking water supply threatened by the current attacks?

There are no reliable reports of widespread disruption to public water supplies. But weaknesses in industrial systems could become a problem if they are not secured, authorities warn.

What makes water plants targets for hackers?

Many systems use outdated technology, weak passwords and industrial controls that are connected to the internet. Smaller utilities typically have fewer resources to put into cybersecurity, making them easy targets.
