A U.S. government agency warned this week that foreign adversaries are carrying out cyberattacks against water and sewage systems across the United States.
“These attacks have the potential to disrupt the critical lifeline of clean and safe drinking water, as well as impose significant costs on affected communities,” the letter stated.
The letter noted that drinking water and sewage systems will likely be targeted by hackers because they are critical infrastructure used by tens of millions of people. Meanwhile, those systems often lack the resources or ability to implement proper security protocols, it warned.
“Even basic cybersecurity precautions—such as resetting default passwords or updating software to address known vulnerabilities—are not in place and can mean the difference between business as usual and a disruptive cyberattack,” the letter stated.
It pointed out a recent incident in which alleged Iranian government-backed hackers disabled a controller at a Pennsylvania water facility. The letter also stated that a Chinese state-backed group called “Volt Typhoon” has “compromised information technology of multiple critical infrastructure systems, including drinking water, in the United States and its territories.”
Several Pennsylvania lawmakers, including Rep. Chris Deluzio (D-Pa.) and Sens. John Fetterman (D-Pa.) and Bob Casey (D-Pa.), said that if a hacking attempt “like this can happen here in Western Pennsylvania, it can happen elsewhere in the United States” and that residents in “Pennsylvania and across the country deserve peace of mind that basic infrastructure such as their drinking water is safe from nation-state adversaries and terrorist organizations.”
Regarding the Chinese hacker group Volt Typhoon, the March 19 letter warned that its “choice of targets and pattern of behavior are not consistent with traditional cyber espionage,” and officials said that the group and others may be “pre-positioning themselves to disrupt critical infrastructure operations in the event of geopolitical tensions and/or military conflicts.”
National security officials have previously sounded the alarm that Chinese hackers also might be looking to target U.S. infrastructure in the event that the regime invades Taiwan.
Sen. Marco Rubio (R-Fla.), vice chairman of the Senate Intelligence Committee, responded to the AT&T outage by saying that if China targets U.S. infrastructure, “it will be 100 times worse.”
“And it won’t be just cell service they hit; it will be your power, your water, and your bank,” he said.
Florida Gov. Ron DeSantis, a Republican, said during a media event in the midst of the outage: “Imagine if we had an EMP [electromagnetic pulse] attack. What would end up happening to this country? You’re so naturally reliant on having cell service. It’s a little bit jarring to think about.”
Possibly the most egregious infrastructure hack in recent years was the attack targeting the Colonial Pipeline in 2021, which forced the company to halt oil deliveries for about a week. A ransomware group known as DarkSide, allegedly based in Russia, appeared to claim responsibility for the attack, saying that it only wanted to “make money” and didn’t want to create “problems for society.”
The White House and Environmental Protection Agency’s letter on March 19 called on governors to back efforts to ensure that all water systems in their states identify any significant cybersecurity vulnerabilities, deploy measures to reduce cybersecurity risks where needed, and make plans to respond to and recover from cyber incidents.