EPA to make states consider public water techniques’ cybersecurity

The Environmental Safety Company (EPA) would require states to judge cybersecurity as a part of their checks on public consuming water techniques. 

The company stated Friday that many such techniques haven’t taken primary steps to make sure their safety, at the same time as cyberattacks have gotten extra frequent. 

“Cyber-attacks towards crucial infrastructure services, together with consuming water techniques, are growing, and public water techniques are susceptible,” EPA Assistant Administrator Radhika Fox stated in an announcement. “EPA is taking motion to guard our public water techniques by issuing this memorandum requiring states to audit the cybersecurity practices of native water techniques.”

David Travers, the director of the EPA’s Water Infrastructure and Cyber Resilience Division, instructed reporters Thursday that the coverage was in response to assaults equivalent to one in Kansas the place an ex-employee nonetheless had login entry after being fired and was in a position to interrupt water remedy remotely. 

“That’s an instance of a really primary entry management measure that was not taken,” Travers stated, including that there have been different cases the place primary practices like software program updates that embrace safety improve haven’t occurred. 

States could have just a few choices for getting the cybersecurity checks finished, together with permitting utilities to do the evaluation themselves or having the state do the analysis.