Why Biden Was Proved Right on Push to Secure Water Utilities

Share
Biden has been calling for better cyber resilience of water for a while
The outgoing President has seen the threats posed by cyber attacks on specific utilise like water and has thus been pushing for tighter regulations

In what will come as an unpleasant ‘I told you so’ moment for outgoing President, Joe Biden's emphasis on cyber resilience for water systems has rung true after the US largest publicly regulated water and wastewater fell victim to a cyber-attack.

This incident that hit American Water, although did not impact the operation of its water and wastewater facilities, was reported to the SEC after the company discovered unauthorised activity within its networks on October 3. A number of specific systems have been shut down and suspension placed on customer billing as a precaution.

Still the incident has sent shockwaves through the utility sector and vindicated the Biden administration's persistent warnings about the vulnerability of essential services to digital threats.

A growing threat to critical infrastructure

This incident is not isolated but part of a worrying trend of cyber-attacks targeting critical infrastructure in the US. 

Earlier this year, US intelligence agencies, including the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA), warned that state-sponsored hackers had successfully breached several critical infrastructure sectors, including water systems. 

In light of these escalating threats, the White House has made upping the country's cybersecurity one of its core drives. This saw them send a stark warning to US governors specifically highlighting that "disabling" cyberattacks targeting water systems are occurring throughout the country. 

"These attacks have the potential to disrupt the critical lifeline of clean and safe drinking water, as well as impose significant costs on affected communities," National Security Advisor Jake Sullivan and EPA Administrator Michael Regan said at the time. 

Biden's push for cyber resilience

President Biden's administration therefore has been pushing for increased cyber resilience in critical infrastructure since taking office. The administration's efforts include:

Youtube Placeholder
Key moves
  • 1. Inviting state officials to a meeting to discuss improving digital defences for over 150,000 utilities in the US
  • 2. Setting up a water sector cybersecurity task force through the EPA to outline challenges and develop defence strategies
  • 3. Attempting to impose more stringent cybersecurity rules for water utilities, although this effort faced legal challenges

The cyber challenges ahead

Despite these efforts, the water sector continues to lack binding cybersecurity rules. The EPA's attempt to use its sanitation authorities to impose cybersecurity mandates was part of a larger effort to add more stringent regulations to critical infrastructure sectors, many of which are currently unregulated in terms of cybersecurity.

Yet, the breach of American Water, a company that provides essential water and wastewater services to over 14 million people across 14 states, serves as a wake-up call for the entire utility sector and serves as fuel for further regulation. 

Although the incumbent is due to leave office, the American Water incident should highlight that the administration recognised is real, and so such a push could continue past his tenure. 

******

Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024

******

Cyber Magazine is a BizClik brand

Share

Featured Articles

Resilience: Firms Fail to Grasp Cyber Financial Impact

Resilience and YouGov survey reveals 74% of mid to large UK businesses face cybercrime, while ransomware understanding lags behind data breach concerns

SonicWall and CrowdStrike Unite for SMB Security Service

SonicWall partners with endpoint protection specialist CrowdStrike to offer managed detection and response capabilities through managed service providers

FS-ISAC CISO Talks Cyber Strategies for Financial Providers

FS-ISAC CISO JD Denning explains the cyber strategies financial providers need to adopt in order to stay afloat in the wave of cyber attacks

Darktrace Reports 692% Surge in Black Friday Cyber Scams

Cyber Security

KnowBe4 Launches AI Agents to Counter Phishing Threats

Technology & AI

Gen Reports 614% Rise in Command Prompt Manipulation Scams

Cyber Security