American Water Facilities Targeted by Foreign Cyber Attacks
Water utilities are warning of a recent increase in cyber attacks against their facilities that appear to be coming from foreign hackers.
Experts are now warning that cyber attacks are putting the water supply at risk as their frequency increases.
The tiny Aliquippa water authority in western Pennsylvania was perhaps the least-suspecting victim of an international cyber attack.
It had never had outside help in protecting its systems from a cyber attack, either at its existing plant that dates to the 1930s or the new $18.5 million one it is building.
Then it — along with several other water utilities — was struck by hackers targeting a piece of equipment.
Federal authorities say the hackers are Iranian-backed and targetted specific equipment because it is Israeli-made.
“If you told me to list 10 things that would go wrong with our water authority, this would not be on the list,” said Matthew Mottes, the chairman of the authority that handles water and wastewater for about 22,000 people in the woodsy exurbs around a one-time steel town outside Pittsburgh.
The hacking of the Municipal Water Authority of Aliquippa is prompting new warnings from U.S. security officials at a time when states and the federal government are wrestling with how to harden water utilities against cyber attacks.
The danger, officials say, is hackers gaining control of automated equipment to shut down pumps that supply drinking water or contaminate drinking water by reprogramming automated chemical treatments.
Besides Iran, other potentially hostile geopolitical rivals, including Communist China, are viewed by U.S. officials as a threat.
A number of states have sought to step up scrutiny to protect the water supply.
However, water authority advocates say the money and the expertise are what is really lacking for a sector of more than 50,000 water utilities.
Most water utilities are local authorities that, like Aliquippa’s, serve corners of the country where residents are of modest means and cybersecurity professionals are scarce.