CISA warned of cyberthreats against the water and wastewater sector in an incident response guide published Thursday.
The incident response guide, which the U.S. cybersecurity agency published jointly with the FBI and Environmental Protection Agency, outlined cybersecurity best practices for water and wastewater sector utility operators as well as how said operators can expect to work with the federal government.
More than 25 organizations contributed to the report, including industrial security vendor Dragos, the American Water Works Association, the Trinity River Authority of Texas, Google and others.
CISA's incident response guide includes multiple sections.
CISA and the FBI included a section dedicated to the help they can offer WWS utility operators in the event of an incident.
CISA said it can provide tailored guidance, technical support, forensics and malware analysis.
The publication follows multiple attacks on WWS utility operators in recent months.
CISA last month detailed a campaign conducted by threat actors affiliated with the Iranian government.
In a section dedicated to nation-state activity, the vendor called attention to the campaign and said it has continued to observe probes and exploitation attempts.
Bob Rudis, vice president of data science at GreyNoise, told TechTarget Editorial that attacks on WWS utilities were notable risks, but not yet major threats.
He added that the vendor is in the process of standing up its telemetry to better track these kinds of attacks.
TechTarget Editorial has contacted CISA for additional comment.
Alexander Culafi is an information security news writer, journalist and podcaster based in Boston.
This Cyber News was published on www.techtarget.com. Publication date: Fri, 19 Jan 2024 00:43:07 +0000