January 3, 2024
April 25, 2024

Industry Snapshot: Defending the Water Supply

Industry Snapshot: Defending the Water Supply

Recently, a Russian hacktivist group known as the Cyber Army of Russia Reborn was tied to the Russian GRU unit Sandworm. Since the beginning of the year, the group has taken credit for multiple water utilities in the US, a wastewater plant in Poland, and a hydroelectric dam in France. What is frightening is that state-sponsored units have not been directly tied to the disruption of public utilities, only the planting of malware. The Cyber Army of Russia Reborn does not have that restraint and has released videos of their attacks.

The group has created a playbook for targeting water utilities, following other CISA warnings about bad actors targeting water systems. If you drink water daily, this should concern you (and I am pretty sure we all do unless you survive only on Red Bull, which I suspect some IT and OT personnel do!). It's crucial that we all take action to protect our water systems.

It might feel repetitive, but I wanted to take a minute to go through some of the things in the advisory, as with this new revelation, it felt timely. Here are the issues that are highlighted by the CISA advisory:

  • Spearphishing: We have said a few things about passwords (like here and here). Passwords are bad. If you missed our webinar highlighting this, check it out on YouTube.
  • IT and OT Integration: The advisory warns that when OT is integrated with IT, attackers gain access to OT if IT is breached. Tom Sego talked about this in a presentation he gave last year. We think that is a bad idea - the goals are very different for IT and OT, and the requirements are also significantly different.
  • Internet connectivity to OT networks: Although we can’t really air gap OT networks anymore, you can virtual air gap - check out our Network Cloaking
  • Exploitation of known vulnerabilities: Another topic we have explored extensively with our network cloaking. This blog is especially relevant. 

We are already helping many water systems protect themselves from cyberattacks. Check out our Water and Wastewater industry solution and the video below, and if you want a demo, let us know:

OT Secure Remote Access
Network Cloaking
Network Segmentation

Experience the simplicity of BlastShield to secure your OT network and legacy infrastructure.

Schedule a Demo