Rapid digital transformation, Industry 4.0, AI adoption, and Internet of Things devices are popping up in every sector. A desire to improve productivity and make data-driven decisions expands surface areas for hackers to target information-rich companies.
But what data does water have to offer to cyber criminals?
It makes sense for hackers to target medical or financial institutions, so why is there a sudden uptick in cyberattacks on water treatment plants?
The focal point of threat actors is infiltrating and exploiting critical infrastructure.
What Is Water Cybersecurity?
Water cybersecurity encompasses how businesses that manage water storage, distribution, and treatment can build defenses against cyber threats as they become more digitized.
Water treatment processing relies on tech tools to perform various essential tasks:
- Identifying contaminants
- Communicating machine faults
- Reporting compliance updates
- Managing third-party communications
- Data gathering for machine learning algorithms
- Suggesting process improvements
- Automate research
- Execute water treatment solutions
- Documenting key performance indicators
- Sharing data with stakeholders
These data stores are influential and society-altering. They represent billions of dollars and the well-being of citizens across nations — especially if threat actors allow toxic chemicals back into environments that further damage habitats or farmland.
To improve cybersecurity, water treatment plants will need comprehensive strategies focusing on more than basic verification measures and strong passwords.
What Will Happen if Water Treatment Doesn’t Act?
Hackers are more likely than ever to target critical infrastructure in their attacks. The financial gain threat actors can pocket by interrupting vital services like internet or water access is too hefty to pass up for even the most minor criminal outfits.
In 2021, hackers obtained credentials to log in to a San Francisco wastewater treatment facility.
The credentials were from an ex-employee, and the water facility did not implement data minimization or curation strategies to delete this useless data before hackers stole it.
Situations like this inspire threat actors to manipulate oversights and commit crimes like deleting water treatment software, exposing citizens to untreated resources.
They could disrupt any part of the treatment process — from water screening to sedimentation — sneakily interrupting service quality to harm citizens and dismantle water treatment facilities’ reputations.
Distributed denial-of-service attacks are critical because they cause downtime, which hurts productivity. But more importantly, that service disruption impairs society at large, causing household and community distress as water becomes hard to come by.
Hackers assume water treatment processing doesn’t have thorough storage or backup strategies for all the data they’re collecting.
That reality makes them prime targets for ransomware, where water treatment plants would likely pay ransoms to get their data back because they don’t have updated or accessible copies of current corporate knowledge.
How Can Treatment Plants Stay Safe?
Water sector cybersecurity risk management guidance suggests following government standards. Regulatory bodies worldwide — like the Cybersecurity and Infrastructure Security Agency in the United States and the NIS Directive in the EU — are gathering best practices for companies to prioritize cybersecurity for water treatment.
They must make these suggestions malleable, as water treatment processing varies in scope and size.
The overarching cybersecurity umbrella includes numerous branches and options for reinforcing security.
It could encompass analyzing data privacy and storage or who has access and control over what documents and software.
Reaching out to third parties for penetration testing or cybersecurity audits can reveal the top priorities to invest in.
Some companies may be further on their journey than others, and providing a blanket solution would waste treatment plants’ time and finances.
Based on cybersecurity trends in recent critical infrastructure attacks and leading organizational recommendations, these strategies are the most vital to consider in crafting a water cybersecurity risk management plan:
- Eliminate external network access
- Use network segmentation to separate critical silos
- Employ additional verification, such as multi-factor authentication or biometrics
- Incorporate permission limitation frameworks like least-privilege, zero-trust, or role-based access controls
- Study cross-platform security, including mobile applications
- Perform proactive cyber hygiene training for all staff, including non-digital threats like social engineering
- Install detection and remediation software alongside internal term or third-party cybersecurity assistance
Boosting Resilience for Water Treatment Digitization
Water treatment processing plants must place water cybersecurity at the top of their to-do list.
Even the most straightforward preventative measures could protect companies, citizens, and the environment from catastrophic societal upsets, including water contamination and service disruptions.
Businesses can look to golden standards and compliance recommendations for guidance on becoming more resilient against the medley of cyberattacks entering infrastructure.