White House issues new cyber-water supplies threat

South Africa’s Koeberg nuclear power station in Melkbosstrand, near Cape Town, uses sea water, unavailable inland, as a coolant. — © AFP RODGER BOSCH

In response to rising state-sanction cybersecurity incidences, the U.S. has issued a new concern in relation to utilities. The White House and EPA issued a joint letter warning state governors that hackers are targeting critical infrastructure across the water sector.

Looking into the risks posed to public supplies of clean water for Digital Journal is Almog Apirion, CEO & Co-Founder of Cyolo.

Apirion begins his assessment by analysing the statement issued, noting: “The recent warnings from the White House and EPA about hackers breaching water systems are not a surprise when news about critical infrastructure being targeted continues to make headlines.”

In terms of national priorities, Apirion indicates: “It is imperative that organizations operating in sectors, such as water, utilities, oil & gas, fortify their cybersecurity defences—this involves the access across their systems.”

Industrial control systems – the devices, controls, and networks that manage different industrial processes—are critical in maintaining operations and revenue streams. These become key tarhets for malicious actors.

It is likely that technology will need to be advanced in order to repel future threats. Apirion outlines: “As OT environments evolve and face increasingly sophisticated cyber threats, security measures, like Privileged Access Management (PAM) or Secure Remote Access (SRA) alone, may not be sufficient to address the diverse and dynamic needs of these environments.”

 According to Microsoft, privileged access management (PAM) is an identity security solution that helps protect organizations against cyberthreats by monitoring, detecting, and preventing unauthorized privileged access to critical resources.

Sharing information and notifying appropriate authorities forms and important part of any response. Apirion advises: “In light of these challenges, implementing Remote Privileged Access Management (RPAM) emerges as a crucial step for organizations to enhance their security posture.”

The reason for this is due to: “RPAM’s tailored capabilities offer a proactive defence against potential risks for the OT environments by providing stringent control and oversight over privileged accounts within water utilities and related critical infrastructure sectors.”

In terms of the benefits, Apirion summarises: “By enforcing the principle of least privilege and incorporating robust security measures like password vaulting and activity logging, RPAM empowers organizations to safeguard their systems against unauthorized access and malicious activities.”