The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with other federal agencies, recently released a Joint Cybersecurity Advisory regarding ongoing malicious activity targeting water and wastewater systems.

The advisory provides city leaders and staff of water and wastewater facilities with an overview of the various methods malicious actors are using to target potential vulnerabilities in utility systems. Specifically, agencies have seen a rise in attacks targeting information technology networks and operational technology systems. Some examples of attacks include targeting access applications (services connected to the internet), outdated operating systems and software, and devices with vulnerable firmware.

Federal agencies recommend that water and wastewater systems review current information and operation systems to ensure software and firmware are up to date. Additionally, systems leaders should work to achieve an organizational culture that fosters cybersecurity readiness.

For more information, please review available resources from CISA.