This week CNN reported that Cyberattacks are hitting water and wastewater systems throughout the United States. In a letter to state governors, EPA Administrator Michael Regan and national security adviser Jake Sullivan emphasized, “We need your support to ensure that all water systems in your state comprehensively assess their current cybersecurity practices.” Regan and Sullivan said that, in many cases, “even basic cybersecurity precautions” are not in place at water facilities and “can mean the difference between business as usual and a disruptive cyberattack.”

5 famous Cyberattacks on water systems and other critical infrastructure

According to Cybersecurity expert Ravi Das, Cyberattacks on critical infrastructure, such as public water systems, are nothing new. In his 2022 article, “Five Famous Cyberattacks on Critical Infrastructure,” he recounts previous attacks on public water, gas, oil, energy, and financial systems—including the 2013 attack on the Rye Brook Water Dam in New York.Although the actual Infrastructure was small,” he explains, “the lasting repercussions from the attack were tremendous, primarily because it was one of the first instances in which a nation state actor was blamed; all fingers pointed towards Iran. The most surprising facet of this Cyberattack was that it occurred in 2013 but was not reported to law enforcement agencies until 2016. Even more striking is that the Malicious Threat Actors were able to gain access to the command center of these facilities by using an ordinary dial-up modem.” Read more about the Cyberattacks here.

Expert perspective: Why and how legacy IT systems put critical infrastructure at risk

Critical infrastructure is often at risk of Cyberattacks because they rely on outdated and ineffective technology systems. In his article, The Security Challenges Posed to Industrial Control Systems,” Ravi Das explains that IT systems from the 70’s and 80’s still exist and put critical infrastructure at risk. He goes on to describe in detail the vulnerabilities of such legacy systems and the challenges of bringing them up to date. As daunting a task as modernizing such systems may be, doing so may very well protect critical infrastructure from catastrophic Cyberattacks.



Join the conversation.

Keesing Technologies

Keesing Platform forms part of Keesing Technologies
The global market leader in banknote and ID document verification

+ posts

Ravi Das is a Cybersecurity Consultant and Business Development Specialist. He also does Cybersecurity Consulting through his private practice, RaviDas Tech, Inc. He also possesses the Certified in Cybersecurity (CC) cert from the ISC2.

Previous articleMany Danish Banknotes Won’t be Legal Tender after May 2025
Next articleAI Discovers That Not Every Fingerprint Is Unique