Cyber Security
On October 29, 2020 a large water and wastewater utility in the United States was victimized by a cyber ransomware attack. The risk of additional water and wastewater sector facilities being attacked by this threat is high. The WaterISAC has published an Advisory (attached) in response to this incident. The Advisory describes what happened, recommended actions to reduce risk, and additional resources. The WaterISAC has graciously permitted the distribution of this Advisory across the water and wastewater systems sector.
EPA requests that WSCC and GCC associations distribute this Advisory without delay to their membership for their immediate attention. Questions regarding this Advisory may be directed to WaterISAC at analyst.waterisac.org. Cybersecurity incidents should be reported to the DHS Cybersecurity and Infrastructure Security Agency at https://us-cert.cisa.gov/forms/report and WaterISAC.
EPA requests that WSCC and GCC associations distribute this Advisory without delay to their membership for their immediate attention. Questions regarding this Advisory may be directed to WaterISAC at analyst.waterisac.org. Cybersecurity incidents should be reported to the DHS Cybersecurity and Infrastructure Security Agency at https://us-cert.cisa.gov/forms/report and WaterISAC.