Water Supply Security and Aging Infrastructure

Increasingly damaging cyber threats

Today, threat actors have shifted their focus to the OT systems of Critical Infrastructure providers. Legacy infrastructure, high impacts of downtime and service interruption make potential ransomware payouts a greater likelihood. In a recent survey, 83% of Critical Infrastructure providers reported at least one OT security breach in the prior 36 months^[1]_.

What’s more, geopolitical tensions have risen dramatically. In recent months, conflicts have alarmed Critical Infrastructure operators and governments. Many cybersecurity experts believe that Russia’s aggressive moves on Ukraine will lead to cyberattacks on Critical Infrastructure in other parts of the world.

As in other industries, the number one cyber threat facing water and wastewater utilities is ransomware. This technique enables threat actors to infiltrate IT systems and networks, often using stolen credentials, and implant malicious software that allows them to worm into connected OT systems and encrypt data. The results can be disastrous.

For example, the high-profile breach of Colonial Pipeline in May 2021 shut down the company’s business systems and prompted it to preemptively disconnect OT systems. The entire pipeline was disabled, causing gas shortages across the eastern U.S. This attack clearly demonstrated the ability of threat actors to breach OT systems and underscored the potentially catastrophic impact of attacks on OT systems of Critical Infrastructure providers. 

For water utilities, risks hit closer to home in February 2021. A hacker gained access to a water treatment plant in Oldsmar, Fla., and hijacked operational controls. The intruder spiked the system, adding sodium hydroxide, or lye, into the facility’s water system, contaminating it to dangerous levels. Had a plant operator not noticed and returned the lye to normal levels, thousands of people could have potentially been sickened, or worse.

Following the Oldsmar attack, the FBI and other federal agencies issued a joint advisory warning of escalating attacks on IT and OT networks, systems, and devices in the water and wastewater sector. The advisory warned operators to watch out for spear phishing, ransomware, and exploitation of outdated operating systems and firmware.

Though cyberattacks continuously evolve into more sophisticated threats, the good news is, most breaches take advantage of known and solvable gaps in an organization’s IT and OT infrastructure. Given the common nature of the gaps, available solutions and rising costs of unprotected operations, cybersecurity today must be considered as a cost of doing business – an operational insurance policy towards reliable uptime.

Read about how one Canadian water and power utility solved multiple cybersecurity and operational challenges in this new Rockwell Automation case study. Need help today? Contact us to speak to an expert. 

This article was originally published in Water Conditioning & Purification International.