By Peter Chawaga
Demonstrating an ongoing commitment to protecting drinking water systems from cyberattack, a central federal body is seeking significant funding to help protect against the growing threat.
“As the Cybersecurity and Infrastructure Security Agency [CISA] prepares to disburse $1 billion in funding through the Federal Emergency Management Agency to improve cybersecurity of critical infrastructure around the country, director Jen Easterly drew lawmakers’ attention to the needs of the water sector in asking for the program to receive an additional $80 million,” Nextgov reported.
“I see this $80-million program effectively as a complement to that [$1 billion program] to go after those target-rich, resource-poor critical infrastructure providers,” Easterly told the House Appropriations Committee, per MeriTalk. “I would draw your attention in particular to water entities that, frankly, are very target-rich … but resource-poor. So being able to provide grant money to help them raise their cybersecurity baseline, I think is really important.”
Cybersecurity breaches at drinking water and wastewater plants have become significantly more prevalent in recent months. In the last year, hackers have gained access to drinking water systems in California, Maryland, and Florida, getting dangerously close to poisoning supplies. The Biden administration has launched an action plan designed to help water systems integrate new technology and share more information about the nature of these threats.
CISA’s latest appeal for additional funding would complement its ongoing efforts to secure water systems — particularly the industrial control systems they use.
“Industrial control systems used in facilities like water treatment plants and gas pipelines can be particularly troublesome to secure and federal agencies have recently warned about malware constructed to target such infrastructure at scale,” Nextgov reported. “CISA is requesting $39 million for its CyberSentry program which allows the agency to place sensors in the environments of participating entities and may be tapped for a series of sprints the White House is conducting to track and mitigate threats to the industrial control systems of critical infrastructure.”
As cyberattacks become more sophisticated, the threat to critical systems like drinking water treatment plants will only grow. Operators of those systems will have to remain diligent, and it appears that federal agencies are attempting to aid them however they can.
To read more about how water systems combat cyberattack, visit Water Online’s Resiliency Solutions Center.