American Water Hit by Cyberattack Amid Rising Threats to U.S. Infrastructure
American Water, the largest water utility in the United States, recently disclosed that it was the target of a cyberattack, prompting the company to shut down several systems, including its billing services. As cyberattacks on water systems across the country are increasing, some have been linked to geopolitical adversaries of the U.S., including Russia, Iran, and China. In a security statement published on its website, American Water confirmed it discovered “unauthorized activity in our computer networks and systems” last Thursday, which it determined to be a cybersecurity incident.
In response to the breach, American Water announced the suspension of its customer service portal and billing operations “until further notice,” assuring customers that no late fees or other charges would be incurred during this downtime. Recent hacks targeting significant U.S. companies have disrupted key online systems and created considerable challenges for consumers and businesses alike. For instance, a cyberattack on UnitedHealth resulted in widespread difficulties for patients and healthcare providers regarding prescription fulfillment and service payments.
The incidence of cyberattacks on U.S. water infrastructure has escalated, with some attacks attributed to foreign-linked cybercriminals. According to an Environmental Protection Agency (EPA) spokesperson, such threats encompass all drinking water and wastewater systems, regardless of size or location. American Water serves over 14 million residents across 14 states, including operations at 18 military installations.
A notable example includes a Russian-linked breach in January targeting a water filtration facility in Muleshoe, Texas, which is located near a U.S. Air Force base. Experts highlight that the water sector is among the least mature in terms of cybersecurity defenses. Furthermore, the FBI has alerted Congress about Chinese hackers gaining extensive access to U.S. cyber infrastructure, aiming to inflict damage on critical sectors, including water treatment facilities.
American Water has stated that it is still in the preliminary stages of the investigation and currently believes no facilities or operations have been compromised, maintaining that the water supply remains safe. The company is collaborating with law enforcement and cybersecurity experts to probe the incident further.
Additionally, the surge of cyber threats against essential water systems has led the EPA to issue alerts about compliance with the Safe Drinking Water Act, uncovering alarming cybersecurity vulnerabilities across many inspected water systems.
American Water reported first identifying the unauthorized access on October 3 and quickly determined it was part of a cyberattack, while the decision to deactivate customer systems aimed to protect sensitive data. The potential risk to customer information is still undetermined, and a company representative has refrained from additional comments beyond the official statement.
To protect against cyberattacks like the one experienced by American Water, companies should adopt a comprehensive approach. Implementing a Zero Trust Architecture is crucial, as it assumes threats can be both internal and external, thereby limiting access to systems. This can be complemented by network segmentation to isolate legacy systems and reduce exposure. Enhancing cyber hygiene through regular updates, patch management, and strong password policies can disrupt many potential attacks. Regular security training for employees is essential, helping them recognize phishing attempts and other threats, with training tailored to their specific roles. Companies should also have strong backup and disaster recovery solutions to ensure business continuity in the event of an attack. Monitoring and managing third-party risks are important, ensuring vendors follow strict security protocols and applying Zero Trust principles to their access. Utilizing advanced security tools like VPNs and secure browsers can protect sensitive data. Regularly reviewing and updating security policies to align with current threats and regulatory requirements is also necessary. Finally, preparing for crisis management by developing and practicing a crisis management plan ensures quick and effective responses to cyber incidents. By implementing these strategies, companies can significantly reduce their vulnerability to cyberattacks and enhance their overall security posture.
Not sure if you are protected against cyberattacks or want to consult an expert to make sure? Give the team at 2W Tech a call today!
Read More: