Federal Agencies Issue Advisory on Cybersecurity for Water Systems by ACWA Staff Feb 17, 2021 Water News A Joint Cybersecurity Advisory by federal agencies offers background and recommendations regarding the recent compromise of a U.S. water treatment facility in which a hacker was able to change a treatment chemical dosage in real time. The advisory is co-authored by the FBI, U.S. Environmental Protection Agency, U.S. Cybersecurity & Infrastructure Agency and the Multi-State Information & Analysis Center, part of the nonprofit Center for Internet Security. It includes a summary of the incident informed by personnel who assisted with the onsite response, threat overviews based on what was observed, and series of recommendations organizations are encouraged to consider to protect themselves against similar activity. The advisory states cyber actors likely accessed the system by exploiting cybersecurity weaknesses, such as an outdated operating system (Windows 7), and that it is possible a desktop sharing software (TeamViewer) may have been used to gain access to the system. Based on these findings and observations from other activity, the advisory includes threat overviews for desktop sharing software and Windows 7 end of life. These threat overviews discuss how cyber actors have been observed exploiting these systems for malicious activities. The advisory also includes a specific recommendations category for water and wastewater systems, which emphasizes the importance of installing independent cyber-physical safety systems. As the advisory notes, these are systems that physically prevent dangerous conditions from occurring if the control system is compromised by a threat actor. It observes that these types of controls can be of particular benefit to smaller systems, such as the one involved in the recent incident, which may have limited cybersecurity capabilities. The advisory also includes general recommendations and TeamViewer software recommendations. The full advisory can be accessed here.