web analytics

Hacking the Floodgates: U.S. Dams Face Growing Cyber Threats – Source: www.databreachtoday.com

hacking-the-floodgates:-us-dams-face-growing-cyber-threats-–-source:-wwwdatabreachtoday.com
Rate this post

Source: www.databreachtoday.com – Author: 1

Critical Infrastructure Security

Hacks on Unregulated Dams Can Result in Mass Casualties, Experts and Lawmakers Warn

Chris Riotta (@chrisriotta) •
April 18, 2024    

Hacking the Floodgates: U.S. Dams Face Growing Cyber Threats
Dams need better cybersecurity, warn experts. (Image: Shutterstock)

Could a hacker seize control of America’s dams, unleashing floods and chaos across vulnerable communities? Cybersecurity analysts and leading lawmakers warn it’s possible.

See Also: Transforming the vision for Public Sectors in Australia New Zealand

During an April hearing on cybersecurity threats to critical water infrastructure, Sen. Ron Wyden, D-Ore., used stunningly apocalyptic framing to raise his concerns.

“As the chairman of the subcommittee responsible for dams, I don’t want to wake up to a news report about a small town in the Pacific Northwest getting wiped out because of a cyberattack against a private dam upriver,” the senator said.

Influential voices in the cybersecurity field typically avoid alarmist scenarios, favoring practical, actionable responses to threats. But with the majority of dams under Federal Energy Regulatory Commission oversight not having undergone comprehensive cyber audits, and only four full-time employees tasked with overseeing 2,500 dams nationwide, experts agree with Wyden about the vulnerability of the sector to cyberattacks that could result in loss of human lives.

“Human life and safety are in play here,” Padriac O’Reilly, a water cyber risk advisor for the Defense Department and chief innovation officer of the cyber risk firm, CyberSaint, told Information Security Media Group. “Operational technology, population centers near dams, critical power generation capacity – all of these coupled with a lack of knowledge with respect to the maturity of cyber risk management adds up to a very concerning picture.”

Only 5% of the 91,827 dams in the United States fall under federal regulation, as reports reveal a growing crisis in dam infrastructure nationwide. The average dam is nearly 50 years old, and approximately 2,200 classified as “high-hazard” – meaning their failure could result in fatalities – remain in poor or unsatisfactory condition.

Despite the vast majority of U.S. dams being operated by the private sector, FERC has not updated its cybersecurity requirements for commercial dam operators since 2016. The Cybersecurity and Infrastructure Agency, which serves as the dams sector risk management agency, also refers to a dams sector-specific plan from 2015 as the latest strategic guidance to reduce risks, improve coordination and strengthen security.

Rex Booth, CISA’s former chief of cyber threat analysis and CISO of the identity management platform SailPoint, said the entire water industry is often considered to be “among the least secure sectors” in terms of cybersecurity.

Dam and water system operators across the U.S. “typically have corporate cultures centered around traditional engineering and operational technology, which often run orthogonal to the faster pace of IT and cybersecurity,” Booth told ISMG.

“The water sector desperately needs federal support to bring their baseline of cybersecurity up to par,” Booth said. “They simply don’t have the budgets or expertise to do it on their own, and there’s far too much on the line to ignore the risk.”

During the dam cybersecurity hearing, Wyden reported that FERC cited a lack of funding and staff as reasons it could not audit the remaining dams within the next decade. Additionally, Wyden noted that the commission’s cybersecurity rules only apply to dams that are remotely managed over the internet, allowing companies to save money by not requiring on-site operators.

“Those cost savings for the dam operator lead to significantly greater cyber risks,” Wyden said. “FERC doesn’t have the resources it needs to be an effective regulator of the cybersecurity of private-sector run dams.”

“That’s a problem Congress needs to address now,” he added.

FERC is in the process of developing new cybersecurity guidance for the dam sector expected to be completed within the next nine months, according to Terry Turpin, the head of the commission’s office of energy projects. Turpin testified to a Senate panel in April that the commission was reviewing a recent Department of Homeland Security report to help shape its forthcoming guidance for the sector. The report criticized Microsoft after Russian state hackers successfully penetrated the inboxes of senior executives for the global computing giant using an unsophisticated hacking technique (see: Microsoft’s Latest Hack Sparks Major Security Concerns).

Many dam operators currently use Microsoft products and applications, according to Turpin. As dam functionality modernizes, experts say the internet exposed services that touch operational technology across the sector will increasingly become attractive targets to nation state actors aiming to cause disruption or substantial harm.

“The cybersecurity of the dam sector is at risk from under-resourcing in both the utilities that own and operate the dams and the federal agency that oversees them,” Mark Montgomery, senior director of the Foundation for Defense of Democracies’ Center on Cyber and Technology Innovation, told ISMG. “This risk is increasing as dams modernize and introduce more automated systems and controls.”

National security experts have long called on the federal government to enforce cybersecurity mandates across critical infrastructure sectors the way it mandates safety in automobiles and airplanes. Some have also warned that an attack on national water dam infrastructure could threaten public health and safety while posing severe operational risks, including water contamination, data theft and system disruptions.

Operational disruptions caused by cyberattacks on U.S. dam infrastructure “can halt essential services, potentially leading to severe health emergencies or deaths,” said Ken Dunham, cyber threat director for the Qualys Threat Research Unit. “Furthermore, the lack of separation between operational and internet-based technologies in legacy systems increases the vulnerability of dams to cyberattacks.”

Wyden urged FERC to accelerate the development of its cybersecurity standards and called on Congress to address the lack of comprehensive cybersecurity regulations across critical infrastructure sectors “rather than playing whack-a-mole one industry or agency at a time.”

Until the federal government forcefully mandates minimum cybersecurity requirements for dam operators, the sector will remain “on a path of of escalation that ends in one of two ways,” according to Eric Noonan, a national security expert and ceo of the cybersecurity firm CyberSheath.

Option one involves the government mandating sweeping cybersecurity measures and funding FERC to enforce those mandates, Noonan said.

Option two?

“If the government doesn’t act then we will inevitably suffer a never-before-seen cyberattack … people will suffer or die,” he said. “We shouldn’t have to wait for that to happen.”

Original Post url: https://www.databreachtoday.com/hacking-floodgates-us-dams-face-growing-cyber-threats-a-24894

Category & Tags: –

LinkedIn
Twitter
Facebook
WhatsApp
Email

advisor pick´S post

HADESS
DevSecOps Guides – Comprehensive resource for integrating security into the software development by HADESS
DevSecOps Guides – Comprehensive resource...
Splunk
81 Siem Very important Use Cases for your SOC by SPLUNK
81 Siem Very important Use...
NCSC
NCSC Cyber Security for Small Business “SMEs” Guide.
NCSC Cyber Security for Small...
RedHat
State of Kubernetes Security Report 2022 by RedHat
State of Kubernetes Security Report...
HADESS
Introduction to Doxing- OSINT methods for information gathering by HADESS
Introduction to Doxing- OSINT methods...
BUTTERWORTH-HEINEMANN
Security Operations Center Guidebook – A Practical Guide for a Successful SOC
Security Operations Center Guidebook –...
Marcos Jaimovich
Why do we compare a SOC (Security Operations Center) with the cockpit of a commercial airplane? by Marcos Jaimovich
Why do we compare a...
Joas Antonio
Security Operations Center (SOC) – Tools for Operations Development by Joas Antonio
Security Operations Center (SOC) –...
IZZMIER
Incident Response Playbooks & Workflows Ready for use in your SOC & Redteams
Incident Response Playbooks & Workflows...
LOGPOINT
396 Use Cases & Siem Rules Code ready for use for Mitre Attacks Events Detection in Your SOC by Logpoint
396 Use Cases & Siem...
Forrester - Allie Mellen
Adapt Or Die: XDR Is On A Collision Course With SIEM And SOAR – EDR Is Dead, Long Live XDR by Allie Mellen – Forrester
Adapt Or Die: XDR Is...
CYBER LEADERSHIP INTITUTE
CISO PLAYBOOK: FIRST 100 DAYS Setting the CISO up for success
CISO PLAYBOOK: FIRST 100 DAYS...

LASTEST PUBLISHED POSTS

National Security Agency
CSI Cloud Top10 Key Management
CSI Cloud Top10 Key Management
CSA Cloud Security Alliance
Defining the Zero TrustProtect Surface
Defining the Zero TrustProtect Surface
HANIM EKEN
CONTAINER SECURITY INTERVIEW QUESTIONS ANSWERS
CONTAINER SECURITY INTERVIEW QUESTIONS ANSWERS
CNIL
PRACTICE GUIDE GDPR – SECURITY OF PERSONAL DATA Version 2024
PRACTICE GUIDE GDPR – SECURITY...
PWNED LABS
Cloud Security Engineer Roadmap
Cloud Security Engineer Roadmap
tutorialspoint.com
Cloud Computing Tutorial Simply Easy Learning
Cloud Computing Tutorial Simply Easy...
SMITHA SRIHARSHA
CISSP Preparation Notes
CISSP Preparation Notes
CISSP Mind Map: All Domains
CISSP Mind Map: All Domains
Lansweeper
CIS 18 CRITICAL SECURITY CONTROLS CHECKLIST
CIS 18 CRITICAL SECURITY CONTROLS...
Semaphore
CI-CD with Docker and Kubernetes
CI-CD with Docker and Kubernetes
EC-MSP
BUSINESS CONTINUITY PLAN & DISASTER RECOVERY PLAN TEMPLATE
BUSINESS CONTINUITY PLAN & DISASTER...
PWC
Building a risk-resilient organisation
Building a risk-resilient organisation

More Latest Published Posts

40 under 40
40 under 40 in CyberSecurity 2024
40 under 40 in CyberSecurity 2024
HADESS
40 Days in DeepDark Web About Crypto Scam
40 Days in DeepDark Web About Crypto Scam
Everbridge
8 Principles of Supply Chain Risk Management
8 Principles of Supply Chain Risk Management
CHAOSSEARCH
Threat Hunter’s Handbook – Using Log Analytics to Find and Neutralize Hidden Threats in Your Environment
Threat Hunter’s Handbook – Using Log Analytics to Find and Neutralize Hidden Threats in Your Environment
ENDGAME
The Hunters Handbook Endgame’s Guide to Adversary Hunting
The Hunters Handbook Endgame’s Guide to Adversary Hunting
THE EU’S MOST THREATENING by EUROPOL
THE EU’S MOST THREATENING by EUROPOL
National Cyber Security Centre
Responding to a cyber incident – a guide for CEOs
Responding to a cyber incident – a guide for CEOs
IGNITE Technologies
CREDENTIAL DUMPING
CREDENTIAL DUMPING
HADESS
Pwning the Domain Lateral Movement
Pwning the Domain Lateral Movement
Jorgen Lanesskog
PING Basic IP Network Troubleshooting
PING Basic IP Network Troubleshooting
TELESOFT
Layer 7 Visibility What are the Benefits?
Layer 7 Visibility What are the Benefits?
TIGERA
Introduction to Kubernetes Networking and Security
Introduction to Kubernetes Networking and Security
Department of Defense's (DoD)
Defense Industrial Base Cybersecurity Strategy 2024
Defense Industrial Base Cybersecurity Strategy 2024
Dummies
Zero Trust Access for Dummies Fortinet
Zero Trust Access for Dummies Fortinet
Homeland Security
Zero Trust Implementation Strategy
Zero Trust Implementation Strategy
National Australia Bank Limited
Your Business and Cyber Security
Your Business and Cyber Security
CYFIRMA
Xeno RAT- A New Remote Access Trojan
Xeno RAT- A New Remote Access Trojan
IGNITE Technologies
Windows Persistence COM Hijacking MITRE T1546 015
Windows Persistence COM Hijacking MITRE T1546 015
IGNITE Technologies
Windows Exploitation Rundll32
Windows Exploitation Rundll32
IGNITE Technologies
Windows Exploitation Msbuild
Windows Exploitation Msbuild
HADESS
Web LLM Attacks
Web LLM Attacks
HADESS
Trended Protocols for Security Stuff
Trended Protocols for Security Stuff
Red Iberoamericana de Protección de Datos
Transferencia Internacional de Datos Personales – Guia de Implementación
Transferencia Internacional de Datos Personales – Guia de Implementación
CYFIRMA
TRACKING RANSOMWARE January 2024
TRACKING RANSOMWARE January 2024
https://www.linkedin.com/in/harunseker/
TOP Cyber Attacks Detected by SIEM Solutions
TOP Cyber Attacks Detected by SIEM Solutions
TRAVARSA
Top 100 Cyber Threats and Solutions 2024
Top 100 Cyber Threats and Solutions 2024
Top 50 Cybersecurity Threats
Top 50 Cybersecurity Threats
OWASP
Top 10 Considerations for Incident Response
Top 10 Considerations for Incident Response