Cyber Security Warning: Water and Sewage-Treatment Municipalities
December 7, 2023
Attacks on American infrastructure show no signs of abating. Various threat actors have expressed intentions to undermine the American way of life by targeting crucial infrastructure components. The recent breach of a water treatment pump station in Western PA underscores the urgent need to refocus our efforts on enhancing security measures.
Security stands as the cornerstone of every controls project that NSI has consulted on. While “security” is commonly mentioned as a buzzword, few grasp the intricacies of the complex devices that implement protection right down to the packet level.
Outlined below are some fundamental aspects of security implementation:
Password Management
Infiltration often starts with the basics. The default password remains the easiest gateway for unauthorized access. Failing to change the default to a more robust password exposes vulnerabilities to threat actors. Managing user access as they transition within an organization can significantly reduce potential vulnerabilities in your control architecture.
Network Isolation
Does your network truly need constant connectivity to the global internet? Have you explored the use of virtual private networks or private APNs for remote assets to shrink the network’s surface area? Evaluate the necessity of connectivity. Consider the open ports on the network’s edge and their essentiality.
Support and Updates
Are you consistently updating your network’s software to the latest versions? Has your SCADA system addressed critical vulnerabilities in recent updates? Threat actors continually adapt their attack methods. Software that was secure last year may now be vulnerable. It’s crucial to stay ahead and ensure ongoing updates for your most critical assets.
Are you consistently updating your network’s software to the latest versions? Has your SCADA system addressed critical vulnerabilities in recent updates? Threat actors continually adapt their attack methods. Software that was secure last year may now be vulnerable. It’s crucial to stay ahead and ensure ongoing updates for your most critical assets.
Ask yourself the following questions. If any of your answers make you nervous then NSI Neal Systems can offer assistance:
1. Do you truly understand your network and is there a diagram showing all device make / model plus all connections?
2. Have you reduced or eliminated your exposure to the outside world i.e. Internet connections, remote access ports, allowance of USB sticks, cell modems and radios?
3. For the access that is available, have you reduced the number of people that can use it and do you support multi-factor authentication?
4. Do you have a firewall at the edges of your network?
5. Do you have a dedicated Industrial cyber security device that understand Modbus TCP, EtherNet IP and DNP3 and can examine each data packet as it passes through?
NSI works with hundreds of water facilities, private and municipal, from PA to NY to NJ to DE to MD to VA. We help with wireless systems, controls, RTUs, SCADA, and instrumentation. What you may not know is that we can help you with cybersecurity! Contact NSI today!
For more information on this topic click here!