The Cybersecurity and Infrastructure Security Agency (CISA), FBI, and National Security Agency (NSA) once again have teamed up in a cybersecurity advisory — this time regarding ongoing attack campaigns against US water and wastewater facilities.
Both known and unknown cyber-threat groups have been going after both IT and OT networks, systems, and equipment at these facilities, the agencies warned.
“This activity — which includes attempts to compromise system integrity via unauthorized access — threatens the ability of [water and wastewater systems] facilities to provide clean, potable water to, and effectively manage the wastewater of, their communities,” the alert said.
The report includes more detailed mitigations and defenses and details on the modes of attack, and the agencies recommend water facilities immediately adopt practices of not opening suspicious links; secure and monitor RDP; and employ strong passwords and multifactor authentication.
Read the advisory here.
Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.