Water supplies could be in danger as feds warn of increased cyberattacks targeting municipal systems
Law enforcement agencies issue warnings about water system attacks from the Iranian Government Islamic Revolutionary Guard Corps, as well as state-sponsored actors in Russia and China
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Cyberattacks on local water systems throughout the US are “growing in frequency and intensity,” the Environmental Protection Agency (EPA) said.
An alert issued by the EPA on Monday instructs officials running community water systems to ensure they comply with the Safe Drinking Water Act, which requires them to conduct risk assessments and emergency response plans, in light of the rise in cyberattacks.
“Based on actual incidents we know that a cyberattack on a vulnerable water system may allow an adversary to manipulate operational technology, which could cause significant adverse consequences for both the utility and drinking water consumers,” the EPA wrote on Monday.
The agency said federal law enforcement agencies have issued warnings about water system attacks from the Iranian Government Islamic Revolutionary Guard Corps, as well as state-sponsored actors in Russia and China. Some foreign hackers may have already embedded themselves in water systems, waiting to strike, the EPA said.
“By working behind the scenes with these hacktivist groups, now these [nation states] have plausible deniability and they can let these groups carry out destructive attacks,” Dawn Cappelli, a cybersecurity expert with Dragos Inc, told the Associated Press.
Cyberattacks can disrupt the treatment, distribution, and storage of water, the EPA said. Hackers can also damage automatic pumps and alter the levels of chemicals to hazardous amounts.
Late last year, multiple community water utilities in the US were attacked by Iranian-backed hackers because they used an Israeli-made piece of equipment, federal investigators said. One of these water systems was in western Pennsylvania, serving just 22,000 people.
Meanwhile, in 2021 a cyberattack forced the suspension of operations on the Colonial Pipeline, a major US energy pipeline that transports 45 per cent of all fuel consumed on the East Coast.
The alert comes after the EPA found that 70 per cent of water systems inspected since September are out of compliance with “basic” requirements of the Safe Drinking Water Act.
“In many cases, systems are not doing what they are supposed to be doing, which is to have completed a risk assessment of their vulnerabilities that includes cybersecurity and to make sure that plan is available and informing the way they do business,” EPA Deputy Administrator Janet McCabe told the AP.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments