A Review of Cybersecurity Incidents in the Water Sector
share
This study presents a critical review of disclosed, documented, and malicious cybersecurity incidents in the water sector to inform safeguarding efforts against cybersecurity threats. The review is presented within a technical context of industrial control system architectures, attack-defense models, and security solutions. Fifteen incidents have been selected and analyzed through a search strategy that included a variety of public information sources ranging from federal investigation reports to scientific papers. For each individual incident, the situation, response, remediation, and lessons learned are compiled and described. The findings of this review indicate an increase in the frequency, diversity, and complexity of cyber-threats to the water sector. While the emergence of new threats, such as ransomware or cryptojacking, is observed, a recurrence of similar vulnerabilities and threats, such as insider threats, is also evident, emphasizing the need for an adaptive, cooperative, and comprehensive approach to water cyber-defense.
READ FULL TEXT