On October 29, a large water and wastewater utility in the United States was victimized by a cyber ransomware attack. The risk of additional water and wastewater sector facilities being attacked by this threat is high. The WaterISAC has published an Advisory (attached) in response to this incident. The Advisory describes what happened, recommended actions to reduce risk, and additional resources. The WaterISAC has graciously permitted the distribution of this Advisory across the water and wastewater systems sector.
Questions regarding this Advisory may be directed to WaterISAC at analyst.waterisac.org. Cybersecurity incidents should be reported to the DHS Cybersecurity and Infrastructure Security Agency at https://us-cert.cisa.gov/
