CISA posts incident response guide for water utilities

CISA warned of cyberthreats against the water and wastewater sector in an incident response guide published Thursday.
The incident response guide, which the U.S. cybersecurity agency published jointly with the FBI and Environmental Protection Agency, outlined cybersecurity best practices for water and wastewater sector utility operators as well as how said operators can expect to work with the federal government.
More than 25 organizations contributed to the report, including industrial security vendor Dragos, the American Water Works Association, the Trinity River Authority of Texas, Google and others.
CISA's incident response guide includes multiple sections.
CISA and the FBI included a section dedicated to the help they can offer WWS utility operators in the event of an incident.
CISA said it can provide tailored guidance, technical support, forensics and malware analysis.
The publication follows multiple attacks on WWS utility operators in recent months.
CISA last month detailed a campaign conducted by threat actors affiliated with the Iranian government.
In a section dedicated to nation-state activity, the vendor called attention to the campaign and said it has continued to observe probes and exploitation attempts.
Bob Rudis, vice president of data science at GreyNoise, told TechTarget Editorial that attacks on WWS utilities were notable risks, but not yet major threats.
He added that the vendor is in the process of standing up its telemetry to better track these kinds of attacks.
TechTarget Editorial has contacted CISA for additional comment.
Alexander Culafi is an information security news writer, journalist and podcaster based in Boston.


This Cyber News was published on www.techtarget.com. Publication date: Fri, 19 Jan 2024 00:43:07 +0000


Cyber News related to CISA posts incident response guide for water utilities

States and Congress Wrestle With Cybersecurity After Iran Attacks Small Town Water Utilities - The tiny Aliquippa water authority in western Pennsylvania was perhaps the least-suspecting victim of an international cyberattack. Then it - along with several other water utilities - was struck by what federal authorities say are Iranian-backed ...
10 months ago Securityweek.com
New Microsoft Incident Response team guide shares best practices for security teams and leaders - The incident response process can be a maze that security professionals must quickly learn to navigate-which is no easy task. Surprisingly, many organizations still lack a coordinated incident response plan, and even fewer consistently apply it. ...
10 months ago Microsoft.com
Incident Response Plan: How to Build, Examples, Template - A strong incident response plan - guidance that dictates what to do in the event of a security incident - is vital to ensure organizations can recover from an attack or other cybersecurity event and minimize potential disruption to company ...
9 months ago Techtarget.com
What is digital forensics and incident response? - Digital forensics and incident response is a combined set of cybersecurity operations that incident response teams use to detect, investigate and respond to cybersecurity events. As the acronym implies, DFIR integrates digital forensics and incident ...
9 months ago Techtarget.com
How to Conduct Incident Response Tabletop Exercises - An incident response tabletop exercise is an activity that involves testing the processes outlined in an incident response plan. Attack simulations are run to ensure incident response team members know their roles and responsibilities - and whether ...
9 months ago Techtarget.com
Water services giant Veolia North America hit by ransomware attack - Veolia North America, a subsidiary of transnational conglomerate Veolia, disclosed a ransomware attack that impacted systems part of its Municipal Water division and disrupted its bill payment systems. After detecting the attack, Veolia has ...
9 months ago Bleepingcomputer.com
CISA, FBI and EPA Release Incident Response Guide for Water and Wastewater Systems Sector - With WWS Sector contributions, guide provides recommended actions and available resources throughout cyber incident response lifecycle. WASHINGTON - The Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and ...
9 months ago Cisa.gov
4 key steps to building an incident response plan - In this Help Net Security interview, Mike Toole, head of security and IT at Blumira, discusses the components of an effective security incident response strategy and how they work together to ensure organizations can address cybersecurity issues. An ...
4 months ago Helpnetsecurity.com
How to build a cyber incident response team - As an incident response manager himself, Valentin regularly coordinates security responses for companies of all shapes and sizes - including many of the examples discussed in this post. He explains everything you need to know about building and ...
11 months ago Heimdalsecurity.com
CISA posts incident response guide for water utilities - CISA warned of cyberthreats against the water and wastewater sector in an incident response guide published Thursday. The incident response guide, which the U.S. cybersecurity agency published jointly with the FBI and Environmental Protection Agency, ...
9 months ago Techtarget.com
Florida water agency latest to confirm cyber incident as feds warn of nation-state attacks - A regulatory agency in Florida that oversees the long-term supply of drinking water confirmed that it responded to a cyberattack over the last week as the top cybersecurity agencies in the U.S. warned of foreign attacks on water utilities. The agency ...
11 months ago Therecord.media
Hackers breach US water facility via exposed Unitronics PLCs - CISA is warning that threat actors breached a U.S. water facility by hacking into Unitronics programmable logic controllers exposed online. PLCs are crucial control and management devices in industrial settings, and hackers compromising them could ...
11 months ago Bleepingcomputer.com
Congressmen Ask DOJ to Investigate Water Utility Hack, Warning It Could Happen Anywhere - Three members of Congress have asked the U.S. Justice Department to investigate how foreign hackers breached a water authority near Pittsburgh, prompting the nation's top cyberdefense agency to warn other water and sewage-treatment utilities that ...
11 months ago Securityweek.com
How to create an incident response playbook - Creating and maintaining an incident response playbook can significantly improve the speed and effectiveness of your organization's incident response. To help, here's a crash course on what incident response playbooks are, why they are important, how ...
10 months ago Techtarget.com
A Heimdal MXDR Expert on Incident Response Best Practices and Myth Busting - I got to talk to Dragoș Roșioru, a seasoned MXDR expert, about incident response best practices and challenges. Get an in-depth understanding of the do's and don'ts in incident response as Dragoș explains how to avoid the most common mistakes ...
10 months ago Heimdalsecurity.com
Important details about CIRCIA ransomware reporting - This landmark legislation tasks the Cybersecurity and Infrastructure Security Agency to develop and implement regulations requiring covered entities to report covered cyber incidents and ransomware payments. Ransomware attacks have become ...
5 months ago Securityintelligence.com
CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog. CISA adds ...
5 months ago Securityaffairs.com
Cybersecurity agency warns that water utilities are vulnerable to hackers after Pennsylvania attack - HARRISBURG, Pa. - Hackers are targeting industrial control systems widely used by water and sewage-treatment utilities, potentially threatening water supplies, the top U.S. cyberdefense agency said after a Pennsylvania water authority was hacked. The ...
11 months ago Abcnews.go.com
Cyberattack Defaces Israeli-Made Equipment at US Water Agency, Brewing Firm - The targets included the Equipment used by the Municipal Water Authority of Aliquippa, Pennsylvania and Brewmation, a New York-based company specializing in turnkey brewing and distilling equipment. U.S. officials have attributed a cyberattack on the ...
11 months ago Hackread.com
ICS at Multiple US Water Facilities Targeted by Hackers Affiliated With Iranian Government - The hackers behind recent cyberattacks targeting industrial control systems at water facilities in the US are affiliated with the Iranian government, according to security agencies in the United States and Israel. The FBI, CISA, the NSA, the EPA and ...
11 months ago Securityweek.com
CISA's OT Attack Response Team Understaffed: GAO - The US Government Accountability Office has conducted a study focusing on the operational technology cybersecurity products and services offered by CISA and found that some of the security agency's teams are understaffed. OT environments continue to ...
7 months ago Securityweek.com
CISA pledges to resolve issues with threat sharing system after watchdog report - On Friday, the Department of Homeland Security’s Office of the Inspector General published a report on Automated Indicator Sharing (AIS) — which was used to spread cyber threat intelligence and was mandated as part of a 2015 law. The nation’s ...
1 month ago Therecord.media
Two-day water outage in remote Irish region caused by pro-Iran hackers - Residents of a remote area on Ireland's west coast were left without water last week due to a cyberattack perpetrated by a pro-Iran hacking group targeting a piece of equipment the hackers complained was made in Israel. The incident affected a ...
10 months ago Therecord.media
Breaches by Iran-Affiliated Hackers Spanned Multiple U.S. States, Federal Agencies Say - A small western Pennsylvania water authority was just one of multiple organizations breached in the United States by Iran-affiliated hackers who targeted a specific industrial control device because it is Israeli-made, U.S. and Israeli authorities ...
11 months ago Securityweek.com
Hackers Hijacked Irish Water Facility that Interrupted Supply - Recently, there was a cyberattack on an Irish water utility that resulted in hackers gaining control of the system and disrupting the water supply. Last week, a private group water system in the Erris area was targeted by cybercriminals in a ...
10 months ago Cybersecuritynews.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)