FBI, CISA warn water facility operators of ongoing malicious cyber activity

Written by
Oct 14, 2021 | CYBERSCOOP

Ransomware attackers are continuing to target water and wastewater facilities, U.S. intelligence and law enforcement officials warned in a new bulletin based on incidents in five states.

A cybersecurity advisory published Thursday from the FBI, the Cybersecurity Infrastructure and Security Agency, the Environmental Protection Agency, and the National Security Agency highlighted incidents in five states between March of 2019 and August 2021, where systems were targeted by either ransomware attacks. In one case, a former employee of a Kansas-based facility tried to “threaten drinking water safety by using his user credentials…to remotely access a facility computer,” according to the alert.

Other incidents occurred in California, Maine, Nevada, and New Jersey.

The notice pointed to “ongoing malicious cyber activity—both by known and unknown actors,” targeting information technology and operational technology networks, systems, and devices.

“Recent ransomware incidents and ongoing threats demonstrate why all critical infrastructure owners and operators should make cybersecurity a top priority,” said Eric Goldstein, the executive assistant director for cybersecurity at CISA.

The list did not include a February 2021 attack at a water treatment facility in Oldsmar, Fla., where an intruder broke into the facility’s computer system and

Read More: https://www.cyberscoop.com/fbi-cisa-ransomware-hacking-warning/