September 26, 2022
11 11 11 AM
Breaking News :
FireNews : Stocks making the biggest moves midday: Wynn Resorts, Planet Fitness, AMC, Lyft and more #FireNews365 FireNews : Edward Snowden granted Russian citizenship #FireNews365 FireNews : Ukraine war: Inside Bakhmut, the battered Donbas city holding off Putin’s troops #FireNews365 FireNews : Mali players fight each other at Basketball World Cup #FireNews365 FireNews : Ukraine war: Russia admits mobilisation errors, amid growing public opposition #FireNews365 FireNews : Uganda’s Ebola outbreak: Trainee doctors go on strike over safety fears #FireNews365 FireNews : Sri Lanka power cuts – wrong oil blamed #FireNews365 FireNews : Influential Sunni Muslim cleric Yusuf al-Qaradawi dies aged 96 #FireNews365 FireNews : Hurricane Ian forces Nasa to shelter Artemis Moon rocket #FireNews365 FireNews : Wall Street’s fear gauge hits highest level since June #FireNews365

FireNews : How the Biden administration plans to protect your water systems from hackers #FireNews365



The “100-day” plan to increase cybersecurity resources for some of America’s 150,000 public water systems comes a year after a hacker breached a Florida water treatment facility and temporarily changed the plant’s chemical setting to a potentially dangerous level.

The incident at the Tampa-area facility did not cause any harm, but it spurred a heightened focus on the sector’s vulnerabilities among federal officials and the water industry.

“There is absolutely inadequate cyber resilience across the water sector” to criminal and state-sponsored hackers, a senior administration told reporters in previewing the announcement.

The water security initiative will first focus on defenses at the water systems that serve the most people and then expand to smaller facilities, officials said.

The Environmental Protection Agency and US Cybersecurity and Infrastructure Security Agency will invite water utilities to a pilot program to deploy more sophisticated defensive tools on their systems, officials said. Data from the pilot program — and input from water utilities already using such technology — will be the basis of training and guidance that federal officials provide the sector.

The initiative follows similar “100-day plans” that the Biden administration has done to boost cybersecurity in the electricity and natural gas sectors.

The water security initiative is voluntary. Whereas, in other cases, federal agencies can regulate pipelines and electric utilities, they have very limited authority to impose cybersecurity rules on water utilities.

The stakes are high.

“Cyberattacks represent an increasing threat to water systems and thereby the safety and security of our communities,” EPA Administrator Michael S. Regan said in a statement.

The water sector, like other critical infrastructure, has to contend with ransomware attacks and the potential for state-sponsored espionage. A ransomware incident at a Nevada water facility last March affected a computer system that gave plant employees visibility over the facility’s operations, according to a public advisory from the FBI and other agencies.

Awareness of the threats, and coordination to address it, have grown in recent years. The Water Information Sharing and Analysis Center works with several hundred utilities and other organization across in the US and elsewhere to disseminate cyberthreat data shared by the US government.

But resources have been a stark challenge.

In a 2020 survey, just 19% of water professionals were confident that fees and rates could cover existing services for their utilities, let alone the cost of upgrading their infrastructure.



Source link