A recent report from the Environmental Protection Agency (EPA) revealed that over 70% of surveyed water systems have failed to meet key cybersecurity standards, making them vulnerable to cyberattacks that could disrupt wastewater and water sanitation services across the United States.
During inspections, the EPA identified critical vulnerabilities in numerous facilities, such as default passwords that had never been updated from their initial setup. In response, the agency issued an enforcement alert, urging water system operators to improve their cybersecurity measures. Recommended actions include conducting an inventory of operational assets, implementing cybersecurity training programs, and disconnecting certain systems from the internet to enhance security.
The EPA has announced plans to increase inspections of water infrastructure and, when necessary, take civil and criminal enforcement actions to address any imminent and substantial threats to safety.
Under Section 1433 of the Safe Water Drinking Act, community water systems serving over 3,300 people are required to perform comprehensive safety assessments and update their emergency response plans every five years.
The high failure rate reported by the EPA indicates potential violations of this section, highlighting missed opportunities to protect these essential services through risk and resilience evaluations.
This alert follows a series of cyber incidents over th
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: