Improving cyber resiliency for water utilities
Water utilities are at the forefront of safeguarding public health, safety, and the environment, and play a critical role in building community resilience. Many water utilities globally have been targeted by cyberattacks, increasing concerns about the sector’s vulnerability. As such, industry experts are calling for more measures and new cybersecurity rules to protect critical water infrastructure and services. With a strong and sustainable cybersecurity programme in place, water utilities can protect sensitive data, defend against cyber threats, and maintain uninterrupted operations even in the face of a cyberattack.
Cyberattacks are a reality for any organisation operating in today’s interconnected digital world. By approaching cybersecurity through the lens of community resilience, water utilities can take a proactive approach to risk management, implementing preventive measures and ensuring rapid restoration of services in the event of a cyberattack.
Types of Cyberattacks on Water Systems
A cyberattack is an attempt to compromise the function of an industrial control system (ICS) or enterprise systems, or an attempt to track the online movements of individuals without their permission. Attacks of this type may be undetectable to the water utility or to the supervisory control and data acquisition (SCADA) system administrator, but can lead to a total disruption of a water utility’s network.
The attacks may include:
- Denial of Service: Flooding a network or web server with false requests to crash it or make it unavailable to its intended users
- Ransomware Attacks: The attacker locks or encrypts ICS systems with malware and demands a ransom to release them
- Spyware: Monitors user activity
- Trojan Horse: Malicious file or programme that disguises itself as a genuine programme file
- Virus: Attaches to existing programmes, then replicates and spreads from one computer to another
- Worm: Malicious file that replicates itself and spreads to other computers
- Sniffer: Monitors information travelling over a network
- Key Loggers: Record keystrokes and transmit them to the originator
- Phishing: Fake websites or e-mails that look genuine and are used to obtain confidential personal data
How To Mitigate Cyber Risk
It is important to take immediate and decisive action to mitigate cyber risk. A cyber incident is a serious challenge, but with prompt action and a well-coordinated response, it is possible to mitigate the risk and minimise the impact. Here’s a step-by-step process to deal with the situation:
- Identify the extent and nature of the problem as well as assess the potential impact on operations, customers and other stakeholders.
- Prioritise the most critical systems and operations to ensure that they are protected and restored as soon as possible.
- Communicate the situation to all relevant stakeholders, including customers, employees and local authorities. This helps to manage expectations and build trust.
- Consult cybersecurity experts to resolve issues and implement measures to prevent similar incidents from happening in the future.
Mitigating cyber risk requires a comprehensive and multi-layered approach that covers all aspects of a water utility’s operations. A robust cybersecurity programme should include measures to protect against cyber threats, detect and respond to incidents, and recover from any potential impact.
It is essential to have strong password policies and firewalls, but these are just one aspect of a comprehensive cybersecurity programme. Other measures may include employee training, regular software updates, data backup and recovery plans, network segmentation, and risk assessments of third-party partners and vendors. Sensitive information, critical infrastructure and personal or customer data all require protection.
By taking a strategic approach based on a comprehensive risk framework, water utilities can reduce the risk of cyber incidents and maintain the resiliency of their services for the benefit of the community.