Why Biden Was Proved Right on Push to Secure Water Utilities

Share
Biden has been calling for better cyber resilience of water for a while
The outgoing President has seen the threats posed by cyber attacks on specific utilise like water and has thus been pushing for tighter regulations

In what will come as an unpleasant ‘I told you so’ moment for outgoing President, Joe Biden's emphasis on cyber resilience for water systems has rung true after the US largest publicly regulated water and wastewater fell victim to a cyber-attack.

This incident that hit American Water, although did not impact the operation of its water and wastewater facilities, was reported to the SEC after the company discovered unauthorised activity within its networks on October 3. A number of specific systems have been shut down and suspension placed on customer billing as a precaution.

Still the incident has sent shockwaves through the utility sector and vindicated the Biden administration's persistent warnings about the vulnerability of essential services to digital threats.

A growing threat to critical infrastructure

This incident is not isolated but part of a worrying trend of cyber-attacks targeting critical infrastructure in the US. 

Earlier this year, US intelligence agencies, including the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA), warned that state-sponsored hackers had successfully breached several critical infrastructure sectors, including water systems. 

In light of these escalating threats, the White House has made upping the country's cybersecurity one of its core drives. This saw them send a stark warning to US governors specifically highlighting that "disabling" cyberattacks targeting water systems are occurring throughout the country. 

"These attacks have the potential to disrupt the critical lifeline of clean and safe drinking water, as well as impose significant costs on affected communities," National Security Advisor Jake Sullivan and EPA Administrator Michael Regan said at the time. 

Biden's push for cyber resilience

President Biden's administration therefore has been pushing for increased cyber resilience in critical infrastructure since taking office. The administration's efforts include:

Youtube Placeholder
Key moves
  • 1. Inviting state officials to a meeting to discuss improving digital defences for over 150,000 utilities in the US
  • 2. Setting up a water sector cybersecurity task force through the EPA to outline challenges and develop defence strategies
  • 3. Attempting to impose more stringent cybersecurity rules for water utilities, although this effort faced legal challenges

The cyber challenges ahead

Despite these efforts, the water sector continues to lack binding cybersecurity rules. The EPA's attempt to use its sanitation authorities to impose cybersecurity mandates was part of a larger effort to add more stringent regulations to critical infrastructure sectors, many of which are currently unregulated in terms of cybersecurity.

Yet, the breach of American Water, a company that provides essential water and wastewater services to over 14 million people across 14 states, serves as a wake-up call for the entire utility sector and serves as fuel for further regulation. 

Although the incumbent is due to leave office, the American Water incident should highlight that the administration recognised is real, and so such a push could continue past his tenure. 

******

Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024

******

Cyber Magazine is a BizClik brand

Share

Featured Articles

Why the UK’s Financial Authority Has Issued a Cyber Decree

The UK’s Financial Conduct Authority (FCA) has issued a cyber directive to financial firms following the CrowdStrike IT outage

Sustainability Secured: SolarEdge Devices Cyber Certified

SolarEdge has shown initiative to securing sustainability endeavours by getting certification for its products ahead of incoming mandatory requirements

Kyndryl and AWS: The Cyber Issues Facing the Energy Sector

Kyndryl and AWS survey highlights the cybersecurity readiness gap in energy enterprises, with oil & gas organisations among the top groups at risk

Customer Confidence: Hiscox Reveals Growing Cost of Attacks

Cyber Security

Supply Chain Security: Why Is It Key for the Energy Sector?

Cyber Security

Top 10 OT Platforms

Operational Security