News

US authorities talk about three ransomware attacks on water treatment plants

A security bulletin released this week by the FBI, NSA, CISA and EPA states that in 2021 hackers carried out ransomware attacks that targeted three American water treatment plants.

The unreported attacks reportedly occurred in March, July and August this year, affecting businesses in Nevada, Maine and California. In the course of these incidents, the attackers encrypted the victims’ files, and in one case even damaged the computer used to control the industrial SCADA equipment that was used to operate the treatment facilities.
  1. In March 2021, hackers used an unknown ransomware against WWS [water and wastewater] systems in Nevada. The attack affected the SCADA system and backup systems of the victim company. Fortunately, the SCADA system provided visibility and monitoring, but was not related to process control (ICS).
  2. In July 2021, attackers gained remote access and injected the ZuCaNo ransomware on the SCADA computer of an unnamed WWS enterprise in Maine. The wastewater treatment plant operated in manual mode until the SCADA machine was rebuilt locally.
  3. In August 2021, cybercriminals used Ghost malware against the California-based WWS enterprise. The malware was in the system for about a month and was only discovered after three SCADA servers showed ransom notes.

All three incidents are listed by law enforcement officials as examples of what can happen if wastewater treatment plant operators ignore safety requirements and are unable to protect their computer networks.

At the same time, representatives of government agencies emphasize that, in general, they do not observe an increase in the number of attacks on water treatment plants and other water systems in the United States. But while attacks on other sectors are more common, water supply and sanitation systems are critical infrastructure and perform critical functions nationwide.

Thus, the authors of the bulletin conclude that the security of such objects should correspond to the role they play.

Let me also remind you that we wrote that DoS-attack in the US caused power station failure.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Recent Posts

Remove News-bpudepi.today pop-up ads (Virus Removal Guide)

News-bpudepi.today is a domain that tries to trick you into subscribing to its browser notifications…

16 hours ago

Remove Doguhtam.xyz pop-up ads (Virus Removal Guide)

Doguhtam.xyz is a site that tries to trick you into subscribing to its browser notifications…

16 hours ago

Remove News-xlixoti pop-up ads (Virus Removal Guide)

News-xlixoti.com is a site that tries to force you into subscribing to its browser notifications…

16 hours ago

Remove Ducesousightion pop-up ads (Virus Removal Guide)

Ducesousightion.com is a domain that tries to trick you into clik to its browser notifications…

16 hours ago

Remove News-xlabica.live pop-up ads (Virus Removal Guide)

News-xlabica.live is a domain that tries to trick you into clik to its browser notifications…

16 hours ago

Remove Mergechain.co.in pop-up ads (Virus Removal Guide)

Mergechain.co.in is a site that tries to trick you into subscribing to its browser notifications…

16 hours ago