More US water treatment plants have been hit by ransomware

(Image credit: Shutterstock)

Top US cybersecurity agencies have revealed that ransomware gangs have hit three US water and wastewater treatment facilities so far in 2021.

Details about the series of attacks on the water and wastewater systems (WWS) sector facilities in the US comes via a joint security advisory published by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Agency (CISA), the Environmental Protection Agency (EPA), and the National Security Agency (NSA).

“This activity—which includes attempts to compromise system integrity via unauthorized access—threatens the ability of WWS facilities to provide clean, potable water to, and effectively manage the wastewater of, their communities,” the advisory states.

TechRadar needs yo...

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> Click here to start the survey in a new window <<

The agencies have detailed the attacks in order to share several measures to help businesses mitigate similar adversarial activity.

Ransomware mitigation 101

The previously unreported attacks took place in March, July, and August of 2021 and targeted facilities in Nevada, Maine, and California, respectively. 

In all incidents, the threat actors used different ransomware -- a variant of Ghost in California, ZuCaNo in Maine, and an unknown ransomware variant in Nevada -- to disrupt the operations.

While the advisory also mentions a couple of unsuccessful intrusions in 2020 and 2019, it doesn’t mention some widely reported non-ransomware incidents, including one that occurred earlier this year in February, when a hacker managed to gain remote access to the water treatment plant of a city in Florida and briefly pump in dangerous chemicals.

“Although cyber threats across critical infrastructure sectors are increasing, this advisory does not intend to indicate greater targeting of the WWS Sector versus others,” clarify the agencies as it uses these incidents to share detailed mitigations to help businesses prevent, detect, and respond to such cyber incidents.

Via The Record

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.