Hey there, folks! As attackers pose a threat to vital utility facilities, CISA is waving a red flag for water and waste facilities to safeguard their online HMIs. The cyber defense agency is sounding the alarm on significant security risks to exposed HMIs that could disrupt regular operations.
Calling All Water Facilities to Step Up Security for Online HMIs
The US Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Environmental Protection Agency (EPA), is warning water and waste systems (WWS) facilities about potential cyber threats targeting vulnerable HMIs.
In a recent factsheet release, both agencies are urging all water systems facilities to secure their online Human Machine Interfaces (HMIs). Bad actors are on the lookout for exposed and exploitable HMIs that could leave systems vulnerable to attacks.
HMIs play a crucial role in the operational technology (OT) infrastructure of WWS facilities. These systems assist OT owners and admins in monitoring Supervisory Control and Data Acquisition (SCADA) systems linked to programmable logic controllers (PLCs). Because of this pivotal function, adversaries might target and manipulate sensitive HMI data, like security settings, to disrupt facility operations.
Backing its alert with a recent incident involving pro-Russia hacktivists, CISA stresses the urgency for WWS facilities to fortify their HMI systems against such threats.
CISA and EPA recommend several security measures for WWS facilities to enhance their HMI systems’ protection, such as:
- Conducting comprehensive scans for internet-facing devices.
- Safeguarding online HMIs by disconnecting them from public internet access or setting up password protections.
- Deploying network segmentation and geo-fencing to limit unauthorized entry.
- Keeping HMI systems up-to-date with the latest security patches from the vendor.
Cyberattacks on critical infrastructure like WWS facilities are unfortunately not uncommon. Threat actors have a history of targeting such facilities to disrupt daily operations, especially in state-backed campaigns, with attacks ranging from exploiting OT vulnerabilities to ransomware incidents. Hence, implementing robust security practices and ensuring staff awareness and training are essential to thwart such threats.