Biden administration to require states report on water system cybersecurity threats
WASHINGTON (AP) — The Biden administration on Friday said it would require states to report on cybersecurity threats in their audits of public water systems, a day after it released a broader plan to protect critical infrastructure against cyberattacks.
The Environmental Protection Agency said public water systems are increasingly at risk from cyberattacks that amount to a threat to public health.
“Cyberattacks against critical infrastructure facilities, including drinking water systems, are increasing, and public water systems are vulnerable,” said EPA Assistant Administrator Radhika Fox. “Cyberattacks have the potential to contaminate drinking water.”
Fox said the EPA would assist states and water systems in building out cybersecurity programs, adding that states could begin using EPA’s guidance in their audits right away.
EPA said it would help states and water systems with technical know-how. The announcement made no mention of financial assistance.
Officials said recent surveys showed that states are inconsistent in their efforts to protect drinking water systems from cyberattacks — mainly on the operational technology used for safe drinking water. The EPA also said many water systems do not have cybersecurity practices — and that voluntary measures have “yielded minimal progress.” Experts have said many municipalities lack the money and expertise.
In 2021, a hacker’s failed attempt to poison the water supply of a small Florida city near Tampa raised alarms about the vulnerability of the nation’s 151,000 public water systems. In that incident, an intruder breached the system using a remote access program to increase the amount of sodium hydroxide to be added to the water by a factor of 100, local officials said. A supervisor monitoring a plant console caught the activity and stopped it.
Sodium hydroxide is used to lower acidity in swimming pools and drinking water but can cause chemical burns in high concentrations.
Anne Neuberger, deputy national security advisor for Cyber and Emerging Technologies, said Friday that EPA’s memo for states would establish minimum cybersecurity measures for municipal water after the administration previously did so for pipelines and the rail sector.
“Americans deserve to have confidence in their water systems’ resilience to cyberattackers,” Neuberger said.
Related News
From Archive
- Texas A&M weighs underground transit plan with Elon Musk's Boring Co. to reduce campus traffic
- Lynchburg, Va., breaks ground on largest-ever Blackwater CSO tunnel project
- Wyo-Ben’s Max Gel, Max Bore HDD system boost drilling efficiency, performance
- Federal court halts permits for 32-mile Tennessee gas pipeline project
- Cadiz to reuse steel from terminated Keystone XL pipeline for California groundwater project
- Wisconsin proposes new PFAS drinking water standards to align with federal rules
- Dog River pipeline replacement in Oregon improves water supply with new HDPE pipe
- Leaking wastewater systems named top source of San Diego River contamination, study finds
- New Portable Welding System From Miller
- Excavator Causes Puerto Rico Power Outage
Comments