Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 19 submissions in the queue.
posted by janrinok on Saturday March 23 2024, @12:42PM   Printer-friendly
from the weakest-link dept.

https://arstechnica.com/security/2024/03/critical-us-water-systems-face-disabling-cyberattacks-white-house-warns/

The Biden administration on Tuesday warned the nation's governors that drinking water and wastewater utilities in their states are facing "disabling cyberattacks" by hostile foreign nations that are targeting mission-critical plant operations.

"Disabling cyberattacks are striking water and wastewater systems throughout the United States," Jake Sullivan, assistant to the president for National Security Affairs, and Michael S. Regan, administrator of the Environmental Protection Agency, wrote in a letter. "These attacks have the potential to disrupt the critical lifeline of clean and safe drinking water, as well as impose significant costs on affected communities."

[...] The letter extended an invitation for secretaries of each state's governor to attend a meeting to discuss better securing the water sector's critical infrastructure. It also announced that the EPA is forming a Water Sector Cybersecurity Task Force to identify vulnerabilities in water systems. The virtual meeting will take place on Thursday.

"EPA and NSC take these threats very seriously and will continue to partner with state environmental, health, and homeland security leaders to address the pervasive and challenging risk of cyberattacks on water systems," Regan said in a separate statement.

Related stories on SoylentNews:
An Online Dump of Chinese Hacking Documents Offers a Rare Window Into Pervasive State Surveillance - 20240229
US Says China's Volt Typhoon Is Readying Destructive Attacks - 20240216
The Internet Enabled Mass Surveillance. A.I. Will Enable Mass Spying - 20231206
Teens With "Digital Bazookas" Are Winning the Ransomware War, Researcher Laments - 20231116
How China Gets Free Intel on Tech Companies' Vulnerabilities - 20230913
Microsoft Links Russia's Military to Cyberattacks in Poland and Ukraine - 20221113
U.S. Charges Four Russian Government Workers With Hacking Energy Sector - 20220327
Microsoft Warns of Destructive Disk Wiper Targeting Ukraine - 20220118
Breached Water Plant Employees Shared Same Password, No Firewall - 20210211
DOJ: Chinese Hackers Stole "Hundreds of Millions of Dollars" of Secrets - 20200722
Chinese Digital Spying is Becoming More Aggressive, Researchers Say - 20200326
Vietnam's Battalions of 'Cyber-Armies' Silencing Online Dissent - 20200117
A New Hardware Implant Shows How Easy It May be to Hide Malicious Chips - 20191013
Congress Mobilizes on Cyber Threats to Electric Grid - 20190715
How a Hacker Network Turned Stolen Press Releases into $100 Million - 20180826
U.S. State and Local Governments Receive Malware-Containing CDs Mailed from China - 20180731
Ukrainian DNC Hack-Author has Turned Himself in and is Cooperating with FBI - 20170816
FIN7 'Cyber-Mafia' Group Giving Heartburn to the U.S. Restaurant Industry - 20170528
Interview with Cybersecurity Expert Jeffrey Carr about Crowdstrike's Russian Hacking Claims - 20170417
Hacker Rigged Elections in Nine Latin American Countries - 20170308
Chinese Businessman Pleads Guilty to Conspiring to Hack US Defense Contractors - 20160326
China Hacks on US Continue, Facebook to Warn Users About Potential State-sponsored Attacks - 20151019
CIA Officers Pulled from China Because of OPM Breach - 20151002
North Korean Defector Warns that Hackers Could Kill - 20150530


Original Submission

 
This discussion was created by janrinok (52) for logged-in users only, but now has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Interesting) by canopic jug on Sunday March 24 2024, @05:40AM

    by canopic jug (3949) Subscriber Badge on Sunday March 24 2024, @05:40AM (#1350069) Journal

    [...] I'm a green-site refugee and despite my daily headaches with Windows [...]

    More noticeably I see that defending m$, Windows, and Bill against all criticism, especially legitimate criticism, is also has become a trope, particularly on censorious sites like the two orange ones. I can't say about the green site, but it too was like that when I last logged in there it so very long ago. Whining about common writing styles is one way to distract from the actual topic, a topic which hurts m$ and its minions.

    Back to the topic at hand and leaving the debate about style aside, here, on SN, the fine article linked to in the very summary at the top includes mention by name of Unitronics [unitronics.com] which is most clearly a Windows problem. It is even named as a factor (aka problem) in the Florida, Pennsylvania, and other state water treatment facility breaches.

    The Windows deployments there and elsewhere did not occur spontaneously. Those misfit products were ordered purchased and ordered deployed by real people with names and addresses. If the US were serious about the network security problems surrounding water treatment, they could be solved quite quickly by any number of approaches, some faster some slower. But slow or fast, solving them is possible. If someone were to drill holes all over or blast a dam, the feds would swoop in probably even at the planning stage. If someone were to build a dam with knowingly substandard methods or materials or design, the feds would swoop in, probably even at the planning stage. Yet, although water treatment and management is essential, critical national infrastructure all knowledge and best practices are thrown out because of Windows and M$ exceptionalism. The products are not fit for purpose and everyone knows it, and those products have been that way for so many decades one can accurately say it is by design. However, since the pivot to politics and lobbying by M$ since back around the turn of the century, no one is allowed to say it or call them out. The government's announcements of memos, letters, and press releases are not going to solve the widespread managerial problems which lead to nation-crippling Windows deployments. Sending fines, jail sentences, or polished boots will.

    --
    Money is not free speech. Elections should not be auctions.
    Starting Score:    1  point
    Moderation   +2  
       Interesting=1, Informative=1, Total=2
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4