On October 18, 2024, the Pennsylvania Public Utility Commission (PUC) issued a letter to water and wastewater utilities regarding an upcoming seminar on cybersecurity threats. In July, PUC warned these utilities that malicious nation-state and criminal cyber actors were targeting their information technology systems for financial gain as well as strategic purposes.
The credibility of these threats is underscored by the November 2023 cyber-attack on a Municipal Water Authority of Aliquippa booster station. This attack was perpetrated by Iranian hackers, apparently motivated by United States' support to Israel.
On November 15, 2024, PUC will co-host the first of a series of seminars to assist water and wastewater utility cybersecurity, along with the Department of Homeland Security's Cyber and Infrastructure Security Agency (CISA) and the Environmental Protection Agency (EPA). In addition to discussing specific threats and techniques to counter them, the seminar will identify resources utilities can use to strengthen their cybersecurity, many of which are free and available from CISA, the EPA, and the American Water Works Association.
This seminar series will be useful beyond Pennsylvania and the water and wastewater utility community. A cyber-attack is perpetrated not only against an organization, but also the customers they serve, and any organization that presents an attractive target for financial or strategic purposes can benefit from these events.
https://www.puc.pa.gov/electricity/cybersecurity/
A cyber-attack is perpetrated not only against an organization, but also the customers they serve.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.