With cyber-attacks on US water systems on the rise government officials have issued a message to governors. “We need your support to ensure that all water systems in your state comprehensively assess their current cybersecurity practices,” said EPA Administrator Michael Regan and National Security Advisor Jake Sullivan. “even basic cybersecurity precautions” are not in place at water facilities and “can mean the difference between business as usual and a disruptive cyberattack.”
Back in November, hackers breached industrial equipment to display an anti-Isael message on equipment. Many of these attacks are not random armature hackers but sophisticated state-backed groups. Chinese state-backed hackers have also been identified by US officials as responsible for several hacks on water infrastructure.
So what does the government say you can do to protect your systems?
- Reduce Exposure to the Public-Facing Internet
- Conduct Regular Cybersecurity Assessments
- Change Default Passwords Immediately
- Conduct an Inventory of Operational Technology/Information Technology Assets
- Develop and Exercise Cybersecurity Incident Response and Recovery Plans
- Backup OT/IT Systems
- Reduce Exposure to Vulnerabilities
- Conduct Cybersecurity Awareness Training
This is a lot to tackle and some of these aren’t as simple as they may appear so let's focus on a few things to focus on first.
Changing default passwords immediately, any device or system that has a default factory password is extremely dangerous as these are easily guessed and, in many cases, well-known and sold on the Dark web. So, changing these to complex passwords prevents hackers from simply being able to walk through the door. To use an analogy one open door gives them access to the whole house, a single point of entry can spell disaster for your whole operation.
Backup OT/IT Systems, having a secure and offsite backup of your system is critical for any business and not just to protect against back actors. In the event of natural disasters having an offsite backpack would allow you to get up and running again quickly. This goes hand and hand with an incident response plan giving you clear expectations of how and where you will go to bring this backup online and get your operation running again.
Conduct Cybersecurity Awareness Training, hackers often use social engineering and the human element to infiltrate systems. A simple mistake of opening a bad link or logging into a company device from an unsecured network can be the one door that lets hackers into the whole house. Conducting regular and constant training is critical because it's not one person's job to stop hackers but instead everyone is responsible for helping hold the doors closed.
Want to know more about how we help tackle these issues or want to gain a better picture of your risks, give us a call for a FREE IT assessment today!
