The Biden administration on Friday announced that it would require states to report on any cybersecurity threats present in public water systems in their audits. This requirement comes in response to increasingly frequent cyberattacks against public water systems, which could potentially contaminate drinking water and pose a public health threat.
To help states and water systems protect against such threats, the Environmental Protection Agency (EPA) stated that it will assist with providing technical know-how. The EPA also said that many water systems lack the necessary cybersecurity practices and that voluntary measures have not been effective.
The announcement came after a hacker attempted to poison a small Florida city’s water supply near Tampa in 2021. The hacker used a remote access program to increase the sodium hydroxide concentration, which can be a burn risk in high concentrations. Fortunately, a supervisor monitoring the plant console was able to detect the activity and stop it.
Some experts, however, questioned whether EPA’s approach would be effective, given the lack of resources and expertise available to many municipalities. The American Water Works Association also noted that training for states on cybersecurity risks was still ongoing.
The EPA’s announcement follows the White House’s release of a broader plan to protect critical infrastructure against cyberattacks, as well as measures to hold software companies responsible when their products fail to meet certain standards. Anne Neuberger, deputy national security advisor for Cyber and Emerging Technologies, said Friday that EPA’s memo for states would establish minimum cybersecurity measures for municipal water systems.
In conclusion, the Biden administration is taking steps to protect public water systems from cyberattacks. The EPA will provide technical know-how to states and water systems, while the White House is introducing broader measures to protect critical infrastructure against cyberattacks.
Key Points:
- The Biden administration announced a requirement for states to report on cybersecurity threats in audits of public water systems.
- Public water systems are increasingly at risk from cyberattacks which could contaminate drinking water and pose a public health threat.
- The EPA will provide technical know-how to states and water systems to help them protect against such threats.
- The White House released a broader plan to protect critical infrastructure against cyberattacks, as well as measures to hold software companies responsible for their products.