Tag: water systems
China ramps up cyber-attacks on the US
The latest US security breach attributed to systematic attempts by China to compromise US institutions and critical infrastructure has impacted the US Treasury. The intrusion is being billed as “a major cybersecurity incident”. According to a letter from the US Department of the Treasury: “The threat actor was able to override the service’s security, remotely access certain Treasury Departmental Office user workstations, and access certain unclassified documents maintained by those users… Based on available indicators, the incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor.”
US water supply threatened by cyber-attacks
The USA’s drinking water is under threat. According to the US Environmental Protection Agency (EPA), 97 drinking water systems serving around 27 million users have critical or high-risk cybersecurity. Although the EPA’s latest report focuses on the potential financial costs of cyber-attacks, there is also strong evidence that such attacks could also result in significant loss of life, with thousands or even millions of people being deliberately poisoned by terrorists or a hostile foreign power. “We estimate that a [California] state-wide water service disruption could potentially cost at least $61 billion in lost revenue per day,” says the EPA report, Cybersecurity Concerns Related to Drinking Water Systems.
EPA Issues Warning for US Drinking Water Systems – May 21st
On Monday, May 20th, the Environmental Protection Agency (EPA) issued a warning, urging water utility systems in the US to take action to prevent vulnerabilities. The EPA says 70% of water systems inspected don't fully comply with the Safe Drinking Water Act requirements, stating that some have "critical cyber vulnerabilities" such as default passwords that may be easily compromised.
73% of SME Security Professionals Failed to Act on a High Priority Security Alert – April 17th
According to a survey from Coro, 73% of SME cybersecurity professionals admittedly say that they've missed, ignored, or failed to act accordingly on a high-priority security alert. The survey also found respondents to spend an average of 4 hours and 43 minutes managing their cyber security tools daily, with an average of 11.55 tools in their security stack.