Small Texas towns targeted in series of international cyberattacks on water systems

FBI and Homeland Security are investigating reports

Small Texas towns targeted in series of international cyberattacks on water systems

Cyber

By Jonalyn Cueto

The small Texas community of Hale Center, along with other remote towns, reportedly became the focal point of attempts to infiltrate the US water supply infrastructure. According to a Bloomberg report, this attack appears to have connections to Russia, raising concerns about the security of critical utilities.

In January, Mike Cypert, the city manager of Hale Center, a town known for its cotton production and a population of 2,000, received a warning from a software vendor about potential cyber threats. Cypert’s prompt action in unplugging the system possibly averted a crisis. His town, located approximately five hours northwest of Dallas, identified thousands of attempts to breach its firewall, with significant traffic originating from an IP address in St. Petersburg, Russia.

The broader implications became evident as similar attacks surfaced in nearby Texas communities. One such incident in Muleshoe led to a water tank overflowing after hackers gained control of the water system’s operations.

US water utilities under attack?

These incidents are part of a worrying trend of cyberattacks targeting America’s water utilities, attributed to adversaries from Iran, China, and Russia. In November, an Iranian-backed group targeted digital controls used in the water sector across several states. Similarly, in December, Chinese state-sponsored hackers reportedly attacked a water utility in Hawaii.

John Hultquist, chief analyst at Mandiant Intelligence, emphasized the vulnerability of the water sector, which is often underfunded and increasingly targeted by foreign threats. “The water sector is poorly resourced and is under siege from three fronts. This is now Iran, China and Russia,” he said.

The FBI and the US Department of Homeland Security are investigating these breaches.

Further complicating matters, researchers at Mandiant have identified potential links between these attacks and a notorious Russian hacking group, Sandworm, known for its disruptive cyberattacks in Ukraine and against the 2018 Olympics in South Korea. The group, believed to be part of Russia’s military intelligence, seems to have extended its operations to the US, a significant escalation if confirmed.

In addition to Hale Center and Muleshoe, other small towns like Abernathy and Lockney experienced cyber incursions. These attacks involved quick responses from local officials who managed to mitigate the damage by immediately severing the hackers’ access.

The recent spate of cyberattacks has reignited discussions about the necessity for stringent cybersecurity measures within the water sector. Last year, a proposal by the Environmental Protection Agency to mandate states to bolster their cyber defenses for water facilities faced opposition and was ultimately dropped. However, the White House has indicated plans to collaborate with Congress to enhance the regulatory powers of environmental authorities.

Have something to say about this story? Leave a comment below.

 

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!