{"id":3675,"date":"2024-05-21T12:29:45","date_gmt":"2024-05-21T17:29:45","guid":{"rendered":"https:\/\/www.darkreading.com\/ics-ot-security\/epa-water-sector-cyber-efforts"},"modified":"2024-05-21T12:29:45","modified_gmt":"2024-05-21T17:29:45","slug":"epa-puts-teeth-into-water-sector-cyber-efforts","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/05\/21\/epa-puts-teeth-into-water-sector-cyber-efforts\/","title":{"rendered":"EPA Puts Teeth Into Water Sector Cyber Efforts"},"content":{"rendered":"
<\/a><\/div>\n
<\/div>\n

Nearly 70% of the United States’ community drinking water systems fails to comply with the Safe Drinking Water Act, according to the Environmental Protection Agency (EPA) \u2014 including the cybersecurity standards that it lays out. New EPA enforcement plans aim to turn that around.<\/span><\/p>\n

According to an <\/span>EPA alert<\/a><\/span> out this week, Russia and Iran in particular have stepped up cyberattacks on the nation’s water systems, “to a point where additional action is critical.” The agency pointed to a rash of critical cybersecurity vulnerabilities of concern, including default passwords that have not been updated and single logins that can easily be compromised.<\/span><\/p>\n

The stakes are notably high. “Possible impacts include disrupting the treatment, distribution, and storage of water for the community, damaging pumps and valves, and altering the levels of chemicals to hazardous amounts,” the agency said.<\/span><\/p>\n

In response, the EPA said it would increase the number of planned inspections to ensure that water systems are regularly assessing their cybersecurity resilience and developing emergency response plans. As part of the initiative, the EPA released its “Top Actions for Securing Water Systems” outline, which includes the following steps:<\/span><\/p>\n

\n