Dark
Light

EPA needs to step up water sector cybersecurity now

1 min read
38 views

TLDR:

  • The Government Accountability Office (GAO) is urging the Environmental Protection Agency (EPA) to enhance cybersecurity measures in the water sector.
  • The GAO’s report highlights vulnerabilities in water and wastewater systems and the need for a national cybersecurity strategy.

The latest report from the Government Accountability Office (GAO) emphasizes the urgent need for the Environmental Protection Agency (EPA) to bolster cybersecurity measures in the water sector. The report highlights the vulnerability of nearly 170,000 water and wastewater systems nationwide to cyber threats that have the potential to disrupt public health and the environment significantly.

In recent years, cyberattacks on water systems from nation-state actors and cybercriminals have underscored the real threat posed to these critical infrastructures. The report notes incidents like Iranian-linked hackers targeting a water system near Pittsburgh in 2023 and China-backed hackers attempting to breach drinking water systems.

Despite these risks, the water sector’s approach to cybersecurity remains fragmented and reactive, with many utilities struggling with outdated technology that complicates efforts to implement modern cybersecurity measures. The GAO’s report calls for the EPA to develop a national cybersecurity strategy to address sector-wide risks effectively.

The GAO has outlined four key recommendations for the EPA, including conducting a comprehensive sector risk assessment, developing and implementing a national cybersecurity strategy, evaluating legal authority, and seeking additional authority if necessary. The EPA has agreed to these recommendations and is expected to release an evaluation of its authorities and a risk assessment strategy by mid-2025.

Previous Story

DNS Attack Hijacks 35K Domains, Leaving Them Vulnerable Sitting Ducks

Next Story

Balance SecOps & IT for strong cybersecurity strategies

Latest from News