More US water treatment plants have been hit by ransomware
US cybersecurity agencies share best practices to help business protect against similar cyber intrusions
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Top UScybersecurityagencies have revealed thatransomwaregangs have hit three US water and wastewater treatment facilities so far in 2021.
Details about the series of attacks on the water and wastewater systems (WWS) sector facilities in the US comes via a joint security advisory published by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Agency (CISA), the Environmental Protection Agency (EPA), and the National Security Agency (NSA).
“This activity—which includes attempts to compromise system integrity via unauthorized access—threatens the ability of WWS facilities to provide clean, potable water to, and effectively manage the wastewater of, their communities,”the advisory states.
We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.
Click here to start the survey in a new window«
The agencies have detailed the attacks in order to share several measures to help businesses mitigate similar adversarial activity.
Ransomware mitigation 101
The previously unreported attacks took place in March, July, and August of 2021 and targeted facilities in Nevada, Maine, and California, respectively.
In all incidents, the threat actors used different ransomware – a variant of Ghost in California, ZuCaNo in Maine, and an unknown ransomware variant in Nevada – to disrupt the operations.
While the advisory also mentions a couple of unsuccessful intrusions in 2020 and 2019, it doesn’t mention some widely reported non-ransomware incidents, including one that occurred earlier this year in February, when a hacker managed to gainremote accessto the water treatment plant of a city in Florida andbriefly pump in dangerous chemicals.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
“Although cyber threats acrosscritical infrastructure sectorsare increasing, this advisory does not intend to indicate greater targeting of the WWS Sector versus others,” clarify the agencies as it uses these incidents to share detailed mitigations to help businesses prevent, detect, and respond to such cyber incidents.
ViaThe Record
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.
This new phishing strategy utilizes GitHub comments to distribute malware
Should your VPN always be on?
Anker Nebula Mars 3 review: A powerful and truly portable projector
