The EPA is cracking down on cybersecurity threats

Share via:


The Environmental Protection Agency is ramping up its inspections of critical water infrastructure after warning of “alarming vulnerabilities” to cyberattacks.

The agency issued an enforcement alert yesterday warning utilities to take quick action to mitigate threats to the nation’s drinking water. The EPA plans to increase inspections and says it will take civil and criminal enforcement actions as needed.

“Cyberattacks against [community water systems] are increasing in frequency and severity across the country,” the alert says. “Possible impacts include disrupting the treatment, distribution, and storage of water for the community, damaging pumps and valves, and altering the levels of chemicals to hazardous amounts.”

“Cyberattacks against [community water systems] are increasing in frequency and severity across the country.”

More than 70 percent of water systems inspected since September 2023 failed to comply with mandates under the Safe Drinking Water Act (SDWA) that are meant to reduce the risk of physical and cyberattacks, the EPA said. That includes failing to take basic steps like changing default passwords or cutting off former employees’ access to facilities. Since 2020, the EPA has taken more than 100 enforcement actions for violations of that section of the SDWA.

“Foreign governments have disrupted some water systems with cyberattacks and may have embedded the capability to disable them in the future,” the enforcement alert says. One example it cites is Volt Typhoon, a People’s Republic of China state-sponsored cyber group that has “compromised the IT environments of multiple critical infrastructure organizations,” according to a Department of Homeland Security advisory issued in February.

The EPA’s enforcement alert asks utilities to follow recommendations for maintaining cyber hygiene, including conducting awareness training for employees, backing up OT / IT systems, and avoiding public-facing internet.

It follows a letter EPA administrator Michael Regan and national security advisor Jake Sullivan sent to state governors earlier this year warning them of cyber risks to the nation’s drinking and wastewater systems. It led to a March convening where the National Security Council asked each state to come up with an action plan to address those vulnerabilities by late June.



Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Popular

More Like this

The EPA is cracking down on cybersecurity threats


The Environmental Protection Agency is ramping up its inspections of critical water infrastructure after warning of “alarming vulnerabilities” to cyberattacks.

The agency issued an enforcement alert yesterday warning utilities to take quick action to mitigate threats to the nation’s drinking water. The EPA plans to increase inspections and says it will take civil and criminal enforcement actions as needed.

“Cyberattacks against [community water systems] are increasing in frequency and severity across the country,” the alert says. “Possible impacts include disrupting the treatment, distribution, and storage of water for the community, damaging pumps and valves, and altering the levels of chemicals to hazardous amounts.”

“Cyberattacks against [community water systems] are increasing in frequency and severity across the country.”

More than 70 percent of water systems inspected since September 2023 failed to comply with mandates under the Safe Drinking Water Act (SDWA) that are meant to reduce the risk of physical and cyberattacks, the EPA said. That includes failing to take basic steps like changing default passwords or cutting off former employees’ access to facilities. Since 2020, the EPA has taken more than 100 enforcement actions for violations of that section of the SDWA.

“Foreign governments have disrupted some water systems with cyberattacks and may have embedded the capability to disable them in the future,” the enforcement alert says. One example it cites is Volt Typhoon, a People’s Republic of China state-sponsored cyber group that has “compromised the IT environments of multiple critical infrastructure organizations,” according to a Department of Homeland Security advisory issued in February.

The EPA’s enforcement alert asks utilities to follow recommendations for maintaining cyber hygiene, including conducting awareness training for employees, backing up OT / IT systems, and avoiding public-facing internet.

It follows a letter EPA administrator Michael Regan and national security advisor Jake Sullivan sent to state governors earlier this year warning them of cyber risks to the nation’s drinking and wastewater systems. It led to a March convening where the National Security Council asked each state to come up with an action plan to address those vulnerabilities by late June.



Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

More like this

‘Started fading away’: ‘BeerBiceps’ Ranveer Allahbadia recounts near-drowning incident...

YouTuber Ranveer Allahbadia, known online as BeerBiceps, was rescued...

AI startups: Tech veterans ditch C-suites for the AI...

A number of top tech executives are joining...

Should Indonesian startups brace for a stormy 2025?

Funding levels are set to dip further in...

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!