As cyber attackers pose a threat to vital utility facilities, the Cybersecurity and Infrastructure Security Agency (CISA) is cautioning water and waste facilities to safeguard their online Human Machine Interfaces (HMIs). These facilities are being warned about the severe security risks associated with exposed HMIs that could potentially disrupt their normal operations.
CISA Urges Water Facilities to Protect Online HMIs
The joint effort between the US Cybersecurity and Infrastructure Security Agency (CISA) and the Environmental Protection Agency (EPA) is alerting water and waste systems facilities (WWS) about potential cyber threats targeting vulnerable HMIs.
In a recent alert shared through a factsheet, the two agencies are urging all water systems facilities to secure their online Human Machine Interfaces (HMIs) to prevent threat actors from exploiting vulnerabilities.
HMIs play a crucial role in the operational technology infrastructure of WWS facilities. According to the factsheet, these systems assist OT owners and administrators in monitoring Supervisory Control and Data Acquisition (SCADA) systems connected to programmable logic controllers (PLCs). Given their significance, adversaries may target and exploit susceptible HMIs to access and manipulate sensitive information, such as security settings, thereby disrupting the facilities’ operations.
The defense agency is reinforcing their alert with a recent incident involving pro-Russia hacktivists conducting attacks.
CISA and EPA recommend WWS facilities to enhance the security of their HMI systems to mitigate such threats. Some measures that facilities can implement include:
- Conducting comprehensive scans for internet-facing devices.
- Safeguarding online HMIs by disconnecting them from the public-facing internet or implementing password protections.
- Utilizing network segmentation and geo-fencing to restrict unauthorized access.
- Keeping all HMI systems up to date with the latest security patches from the vendor.
Cyberattacks targeting critical infrastructure, like WWS facilities, are not uncommon. Threat actors have been known to target such facilities to disrupt daily operations, especially through state-sponsored attacks. This includes exploiting OT vulnerabilities and ransomware attacks. Therefore, it is essential for these facilities to adhere to security best practices and ensure staff awareness and training to counter such threats.
We value your insights and opinions, so feel free to share them in the comments.
