Newsletters
Four U.S. federal agencies have issued a joint warning about an active Iranian-affiliated cyberattack campaign targeting the country's drinking water and wastewater systems, cautioning that critical infrastructure operators are already experiencing operational disruptions as a result.
The Environmental Protection Agency, the Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency, and the National Security Agency released the advisory on April 7, identifying an urgent and ongoing threat in which attackers are exploiting commonly used operational technology at water utilities across the country.
Organizations across multiple critical infrastructure sectors have reported concrete damage from the attacks, including configuration wiping, software-based tampering with mechanical sensors, and interference with human machine interfaces, the control systems operators use to monitor and manage water treatment processes. The agencies said the incidents have resulted in both operational disruption and financial loss.
The advisory is designed to help water system operators identify specific vulnerabilities being exploited and take steps to strengthen their defenses. The agencies underscored that the water sector remains an attractive target for groups seeking to destabilize U.S. critical infrastructure.
EPA Assistant Administrator for Enforcement and Compliance Assurance Jeffrey A. Hall warned that the stakes extend well beyond equipment damage. A single breach, he said, can disrupt treatment or introduce contaminants, damage equipment, and erode public trust. Hall added that EPA is working with law enforcement partners to disrupt ongoing attacks and hold perpetrators accountable, and urged water systems to immediately report any incidents to investigators.
Brett Leatherman, Assistant Director of the FBI's Cyber Division, said the advisory is intended to ensure organizations are best positioned to defend themselves, and that the broader goal is to prevent further operational disruption and financial loss while imposing costs on the actors behind the threat.
The EPA, which serves as the federal lead on water sector cybersecurity, noted that many of the improvements operators can make do not require costly hardware or software upgrades. The agency said procedural changes alone can significantly strengthen cyber defenses, meaning even utilities with limited technical resources can act. Free cybersecurity assessments, technical assistance, tools, and training are available through the agency's cybersecurity portal.
Cyberattacks on water infrastructure have drawn increasing federal attention in recent years. Water and wastewater systems present particular security challenges because many utilities, especially smaller ones, operate aging industrial control systems with limited IT staff and cybersecurity expertise, conditions that can make them vulnerable to exploitation by state-affiliated threat actors.
Set as preferred source
Set as preferred source
1 min read
1 min read
