2021.7.15
Was this email forwarded to you? Subscribe here

The vast majority of water utilities in the country serve fewer than 10,000 people. These utilities face unique challenges in defending themselves against cyberattacks. Photo © Colin / Wikimedia Commons

Cheap Cybersecurity Defenses Exist, But They’re Not Reaching Water Utilities Who Need Them 

On February 5 of this year, a hacker gained remote access to a water treatment plant in the town of Oldsmar, Florida. The intrusion lasted only a few minutes — just long enough for the hacker to raise the concentration of lye in the water by a factor of 1,000. It was detected five and a half hours later, when an employee happened to glance at his screen and noticed an irregularity.

It was an outcome that cybersecurity experts had been warning of for ages. And Oldsmar, which serves just under 15,000 people, wasn’t an outlier; one in six water systems reported experiencing at least one IT-related incident in the past year, according to a survey by the Water Information Sharing and Analysis Center (WaterISAC) earlier this year.

The vast majority of water utilities in the country serve fewer than 10,000 people, and they tend to have less resources and tighter budgets than their larger counterparts. As a result, these utilities face unique challenges in defending themselves against cyberattacks.

For many, cybersecurity is the last item on a laundry list of more pressing issues.

HotSpots H2O: Kazakhstan’s Lake Balkhash Is Disappearing, Continuing a Trend of Desiccation in Central Asia


Viewed from space, the Balkhash drainage basin resembles a shape of life: many thin blue veins, flowing towards their heart. The likeness is fitting, as survival in southeastern Kazakhstan, an area exposed to dusty winds and extreme heat, depends on Lake Balkhash and the seven rivers that empty into it. For decades this water system has been endangered by increased evaporation and the extraction of water for agriculture. In 2021, over 3 million people are feeling the effects of a hydrological vanishing act: the shrinking of the blue waters of Central Asia’s largest lake into a dehydrated landscape of greens and browns. 

Lake Balkhash, which stretches nearly 400 miles east-to-west and is the world’s fifteenth-largest lake by surface area, has no outlet. Its poor health is thus a consequence of increasingly meager inflows. The Ili River, which contributes more than three-fourths of the lake’s water, has become the key choke point.

What’s Up With Water – July 12, 2021


For the news you need to start the week, tune into “What’s Up With Water” fresh on Monday’s on iTunesSpotifyiHeart Radio, and SoundCloud.

Featured coverage from this week's episode of What's Up With Water looks at: 

  • In China, the vice premier has called for greater environmental protections along the Yellow River, the country's second-longest waterway. 
  • In the United States, in Tennessee, a controversial oil pipeline that would run through Black communities in the Memphis area will not be built.
This week, Circle of Blue reports on the physical and mental strain of natural hazards that turn into constant disasters. 
From Circle of Blue's Archives: 

Industrial control systems, which operate the pumps, valves, and disinfection systems at drinking water treatment plants, are at increasing risk of cyberattack. Photo © J. Carl Ganter / Circle of Blue

Water Sector Prepares For Cyberattacks


In the evolving realm of cybersecurity, where the risks today are different than just a few years ago and the threats tomorrow will be different still, a water utility’s size may not be the most important characteristic for those looking to do harm. “Sometimes cyberattacks are targets of opportunity,” Michael Arceneaux, managing director of WaterISAC, a cybersecurity information hub for the water sector, told Circle of Blue.

The opportunities for malicious activity are increasing. More and more water utilities, in order to save money by remote monitoring, are connecting their control systems to the internet. Meanwhile, hackers are developing computer viruses capable not only of stealing data, but also of taking control of critical infrastructure. “Cybersecurity is a huge and emerging public risk,” Daniel Groves, cybersecurity program manager at Arcadis, a consultancy, told Circle of Blue. “It’s growing more complicated and difficult daily. The attacks are becoming more sophisticated.”

Share
Tweet
Forward

Donate to Circle of Blue | Forward to a Friend | More Water News at Circle of Blue

Circle of Blue | 800 Cottageview Drive, Suite 1042 | Traverse City, MI 49684 | US +1.231.941-1355

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list