CYBER SYRUP
Delivering the sweetest insights on cybersecurity.

EPA Creates Taskforce to Protect Water Infrastructure

The U.S. Environmental Protection Agency (EPA) has announced the formation of a new "Water Sector Cybersecurity Task Force" to address the growing cyber threats facing the nation's water systems.

"In recognition of the vulnerabilities faced by water systems to cyberattacks and the challenges in adopting best practices, this Task Force aims to leverage collaborative efforts and build upon existing initiatives," stated the EPA.

In a joint letter to all U.S. Governors, EPA Administrator Michael Regan and National Security Advisor Jake Sullivan emphasized the importance of securing water and wastewater systems (WWS) to ensure uninterrupted access to clean and safe drinking water.

Recent cyber intrusions targeting the nation's water systems, attributed to threat actors including the Iranian hacktivist group Cyber Av3ngers and the China-linked Volt Typhoon, underscore the urgent need for enhanced cybersecurity measures.

"Drinking water and wastewater systems are prime targets for cyberattacks due to their critical infrastructure status and limited resources for robust cybersecurity practices," Regan and Sullivan warned.

This initiative aligns with the release of a new fact sheet by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), urging critical infrastructure entities to defend against the escalating threat posed by Volt Typhoon. Recommendations include implementing secure by-design principles, robust logging, supply chain security, and raising awareness of social engineering tactics.

"CISA's warning underscores the pre-positioning of Volt Typhoon on U.S. critical infrastructure networks, posing a grave risk of disruption or destruction of essential services during heightened geopolitical tensions," cautioned the agency.

In a related development, cybersecurity firm SentinelOne highlighted China's aggressive media campaign spreading "unsubstantiated" narratives about U.S. hacking operations for over two years.

"China's repeated allegations aim to shape global perception of the U.S. as the 'empire of hacking,' reflecting broader geopolitical dynamics between the two nations," explained Dakota Cary, a China-focused consultant at SentinelOne.

While China's allegations shed light on the complex U.S.-China relationship, they also underscore the imperative for robust cybersecurity measures to safeguard critical infrastructure against evolving threats.