News: 1728336612

  ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

American Water stops billing for H2O due to 'cybersecurity incident'

(2024/10/07)


American Water, which supplies over 14 million people in the US and numerous military bases, has stopped issuing bills and has taken its MyWater app offline while it investigates a hacking incident.

On Thursday, the dihydrogen monoxide business, which claims to be America's largest regulated water provider, spotted unusual activity on its networks and later determined it was the result of a cybersecurity breach. American Water [1]said it siloed off parts of its network to protect customer data, paused the MyWater billing app, and called in both law enforcement and outside security investigators.

"In an effort to protect our customers’ data and to prevent any further harm to our environment, we disconnected or deactivated certain systems. There will be no late charges for customers while these systems are unavailable," a spokesperson told The Register .

[2]

"Our dedicated team of professionals are working around the clock to investigate the nature and scope of the incident. As we continue to contain and remediate our environment, we will share updated information as appropriate on www.amwater.com. The company currently believes that none of its water or wastewater facilities or operations have been negatively impacted by this incident."

[3]

[4]

In an 8-K [5]filing [PDF], the water biz filed with regulators that, while the situation is still under investigation, it "does not expect the incident will have a material effect on the company, or its financial condition or results of operations."

[6]US warns Iranian terrorist crew broke into 'multiple' US water facilities

[7]Despite cyberattacks, water security standards remain a pipe dream

[8]America's enemies targeting US critical infrastructure should be 'wake-up call'

[9]DEF CON Franklin project enlists hackers to harden critical infrastructure

As The Register [10]has reported , the water industry is one of the key parts of America's critical infrastructure that is under active attack, and also very difficult to lock down. A big part of this is down to the industry's use of old operational technology that isn't patched as often as it should be, and is now under nation-state attack.

Last year the US government [11]warned that an Iranian group calling themselves CyberAv3ngers had hacked into multiple water suppliers' networks by exploiting Unitronics programmable logic controllers that were likely using the default passwords they shipped with. The group, backed by Iran's revolutionary guard, has [12]claimed to have broken into multiple water company systems in both the US and Israel.

China too has been active in trying to find weaknesses in America's water supply, Congress has [13]been warned , and in March 2023 the US Environmental Protection Agency [14]started requiring US states to audit the security of water systems, but [15]rescinded the rule after some states and water companies went to court over the issue. This year the EPA also [16]announced the creation of the Water Sector Cybersecurity Task Force to look at ways of hardening up America's suppliers to attack.

[17]

While American Water declined to say if the attackers in this latest case had been in touch, water systems are an obvious target for ransomware operators. Once the taps dry up people will get desperate and even the FBI is [18]now helping victims negotiate a payoff if lives are at stake from systems going down. ®

Get our [19]Tech Resources



[1] https://amwater.com/corp/security-faq?ref=dysruptionhub.zba.bz

[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2ZwRaAReb0I4Tip_FruDylwAAAAQ&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0

[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44ZwRaAReb0I4Tip_FruDylwAAAAQ&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33ZwRaAReb0I4Tip_FruDylwAAAAQ&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0

[5] https://d18rn0p25nwr6d.cloudfront.net/CIK-0001410636/f39167f1-1f3c-432a-969d-8cf1ad0d99f4.pdf

[6] https://www.theregister.com/2023/12/04/iran_terrorist_us_water_attacks/

[7] https://www.theregister.com/2024/09/07/us_water_cyberattacks/

[8] https://www.theregister.com/2024/05/09/china_russia_iran_infrastructure/

[9] https://www.theregister.com/2024/08/12/def_con_franklin_project_hopes_hackers/

[10] https://www.theregister.com/2024/09/07/us_water_cyberattacks/

[11] https://www.theregister.com/2023/12/04/iran_terrorist_us_water_attacks/

[12] https://www.theregister.com/2023/11/29/water_authority_ciso_iran/

[13] https://www.theregister.com/2024/02/01/china_attack_warning/

[14] https://www.theregister.com/2023/03/06/epa_security_public_water/

[15] https://www.theregister.com/2023/10/13/epa_rescinds_water_cybersecurity_rule/

[16] https://www.theregister.com/2024/03/20/us_water_sector_cybersecurity/

[17] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44ZwRaAReb0I4Tip_FruDylwAAAAQ&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[18] https://www.theregister.com/2024/09/18/fbi_flax_typhoon_ransomware/

[19] https://whitepapers.theregister.com/



It's 2024 ...

jake

... and STILL there are idiots who think connecting SCADA to publicly accessible networks is a good idea.

The mind absolutely boggles.

A certain old cat had made his home in the alley behind Gabe's bar for some
time, subsisting on scraps and occasional handouts from the bartender. One
evening, emboldened by hunger, the feline attempted to follow Gabe through
the back door. Regrettably, only the his body had made it through when
the door slammed shut, severing the cat's tail at its base. This proved too
much for the old creature, who looked sadly at Gabe and expired on the spot.
Gabe put the carcass back out in the alley and went back to business.
The mandatory closing time arrived and Gabe was in the process of locking up
after the last customers had gone. Approaching the back door he was startled
to see an apparition of the old cat mournfully holding its severed tail out,
silently pleading for Gabe to put the tail back on its corpse so that it could
go on to the kitty afterworld complete.
Gabe shook his head sadly and said to the ghost, "I can't. You know
the law -- no retailing spirits after 2:00 AM."