US Seeks Keep Critical Sectors Safe from Cyberattacks

(AP) — A top Biden administration official says the government is undertaking a new effort to help utilities, water districts and other critical industries protect against potentially damaging cyberattacks.

“Our aim is to ensure that control systems serving 50,000 or more Americans have the core technology to detect and block malicious cyber activity,” Anne Neuberger, deputy national security adviser, said in an interview with The Associated Press on Thursday. “That’s it in a sentence. Clear, clean goal, but it’s going to take a lot of work to get there.”

The public-private partnership reflects the administration’s concerns about the vulnerability of vital systems, including the electric grid and water treatment plants, to hacks that could cause catastrophic consequences to American life. Though there is a history of government working with utilities, officials believe the threat has increased as more utility systems are connected to the Internet, and the Biden administration wants to make fast progress in blocking any attacks.

That threat to critical infrastructure was laid bare in February after a hacker’s botched attempt to poison the water supply of a small Florida city raised alarms about how vulnerable the nation’s utilities may be to attacks by more sophisticated intruders. 

A local sheriff said that the water supply of Oldsmar, population 15,000, was briefly in danger when an unknown hacker used a remote access program shared by plant workers to briefly increased the amount of lye — sodium hydroxide — by a factor of 100. Lye is used to lower acidity, but in high concentrations it is highly caustic and can burn. It’s found in drain cleaning products. 

A supervisor monitoring a plant console about 1:30 p.m. saw a cursor move across the screen and change settings and was able to immediately reverse it. The intruder was in and out in five minutes. Suspicious incidents are rarely reported and usually are chalked up to mechanical or procedural errors, experts say. No federal reporting requirement exists, and state and local rules vary widely.

The nation’s 151,000 public water systems lack the financial fortification of the corporate owners of nuclear power plants and electrical utilities. They are a heterogenous patchwork, less uniform in technology and security measures than in other rich countries.

Additionally, federal prosecutors charged a Kansas man who they said accessed a rural water district’s protected computer system without authorization and “performed activities that shut down the processes at the facility which affect the facilities cleaning and disinfecting procedures.”

Related News

From Archive

Comments

{{ error }}
{{ comment.comment.Name }} • {{ comment.timeAgo }}
{{ comment.comment.Text }}