Cyberattacks on U.S. water utilities worsen, posing growing threat to infrastructure, study finds
(UI) — A new report from cybersecurity firm Semperis reveals that critical infrastructure operators in the U.S. and U.K. are facing an intensifying wave of cyberattacks, particularly targeting water and electricity utilities. The report found that 62% of utility operators were targeted in the past year, and of those, 80% experienced multiple attacks. More than half reported permanent data or system loss.
The study, The State of Critical Infrastructure Resilience, cites an increase in attacks from nation-state actors. One such incident involved the Volt Typhoon group, linked to the Chinese government, which breached a public utility in Littleton, Massachusetts. American Water Works, the largest water utility in the U.S., also reported a cybersecurity breach that disrupted customer service and billing.
In response, the U.S. Environmental Protection Agency issued an advisory urging water utilities to improve their ability to detect and respond to cyber threats.
Chris Inglis, the first U.S. National Cyber Director and Semperis Strategic Advisor, warned of ongoing infiltration attempts: “Many public utilities likely don't realize that China has infiltrated their infrastructure,” he said. “Chinese-sponsored threat actors like Volt Typhoon are known to prefer Living off the Land attacks, which are difficult to detect and can remain dormant.”
The report also found that 81% of attacks compromised identity systems such as Active Directory and Okta. Despite this, 38% of utility operators said they did not believe they had been targeted, a figure experts see as alarmingly high.
“If you don't improve resilience, attackers keep coming,” said Semperis CEO Mickey Bresman. “Utilities need to assume breaches will happen and prepare accordingly.”
To mitigate future attacks, the report recommends that utilities identify Tier 0 infrastructure, prioritize incident response, and test secure recovery procedures regularly.
Related News
From Archive
- HDD industry faces challenges as cities push back on fiber drilling disruptions
- 2 workers killed, 1 injured while working on sewer line in Mobile, Ala.
- Tunnel boring continues under Chesapeake Bay for $3.9 billion HRBT Expansion project
- $5.3 billion, 516-mile pipeline to connect Texas to Arizona through New Mexico
- Judge approves construction for key portion of $485 million pipeline in Larimer County, Colo.
- New products: Latest industry developments
- 31 workers rescued after LA tunnel partially collapses
- Ohio Supreme Court rules sewer line location isn’t a ‘defect’ in property dispute
- Faulconer Construction begins rock blasting for water pipeline project in Charlottesville, Va.
- $5.3 billion, 516-mile pipeline to connect Texas to Arizona through New Mexico
Comments