Today, CISA and the Environmental Protection Agency (EPA) released Internet-Exposed HMIs Pose Cybersecurity Risks to Water and Wastewater Systems. This joint fact sheet provides Water and Wastewater Systems (WWS) facilities with recommendations for limiting the exposure of Human Machine Interfaces (HMIs) and securing them against malicious cyber activity.

HMIs enable operational technology owners and operators to read supervisory control and data acquisition systems connected to programmable logic controllers. Threat actors can exploit exposed HMIs at WWS Sector utilities without cybersecurity controls, resulting in operational impacts and forcing victims to revert to manual operations (see Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity).

EPA and CISA strongly encourage WWS Sector organizations review and implement the mitigations in this fact sheet to harden remote access to HMIs. Visit our Water and Wastewater Systems page for additional resources to help protect the WWS Sector.

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Updated NIST cybersecurity framework adds core function, focuses on supply chain risk management

February 27, 2024 0 Comments 0 tags

The post Updated NIST cybersecurity framework adds core function, focuses on supply chain risk management appeared first on CyberScoop.

Read More

Scattered Spider Now Affiliated with RansomHub Following BlackCat Exit

June 12, 2024 0 Comments 0 tags

GuidePoint has assessed with high confidence that the notorious Scattered Spider group has become an affiliate of RaaS operator RansomHub

Read More

US accuses RT, others of covert arms dealing, global influence operations

September 13, 2024 0 Comments 0 tags

The State Department announced a fresh round of sanctions for RT and related media companies Friday, accusing the Russian state-funded news outlet of operating a crowdfunding website that funneled weaponry

Read More