• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • CATEGORIES & PRODUCTS
    • Categories


      BACnet

      Building Automation

      Cloud Computing

      Cybersecurity

      Data Visualization

      Edge Computing

      Energy Efficiency

      EtherNet/IP

      FieldServer

      HVAC-R

      Industrial Automation

      IoT

      Modbus

      Predictive Maintenance

      Remote Connectivity

      Utilities

      Products


      FieldServer

      FieldServer Manager

      FieldVEU

      Fixed Gas & Flame Detection

      Parasense

      Column
  • SUBSCRIBE

Security Vulnerabilities: How Technology Can Help Secure Water and Wastewater Utility Networks

Richard Theron | Sep 22, 2023 | 3 Min Read

September 22, 2023 by Richard Theron

Reading Time: 3 minutes

In 2023, the potential for sabotage continues to loom large for the water environment. Scroll through recent headlines and you’ll read multiple accounts of breaches in computer and SCADA (supervisory control and data acquisition) networks.

According to the Cybersecurity and Infrastructure Security Agency (CISA), both water supply and wastewater management are:

“… so vital to the U.S. that their disruption, corruption, or dysfunction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof.”

Cybersecurity and the U.S. Water Supply

This growing problem is such a concern that earlier this year the U.S. Environmental Protection Agency (EPA) released a memorandum that essentially urged public water systems to implement more robust cybersecurity programs. The memo also recommended that cybersecurity be included as a best practice for water utility auditing.

Of course, these same recommendations hold true for wastewater treatment facilities and the protection of their networks, devices, and data.

Cloud platforms, remote monitoring, and smart detection devices are helping better protect our nation’s water supply. Yet, despite the benefits of these advanced operational technologies, there are some potential security risks—risks that must be addressed in order to secure networks and keep water and wastewater operations safe.

Malicious Cyber Activity in Water and Wastewater Systems

Treatment plant shutdowns, locked networks, and disabled monitoring are just a few of the many examples of what can happen if a cyberattack occurs at a water utility or wastewater treatment plant.

Here’s a high-level recap of some recent malicious ransomware attacks on water and wastewater treatment systems, as reported by CISA:

When: August 2021

Where: California-based WWS facility

The ransomware variant had been in the system about a month before it was discovered via a SCADA message.


When: July 2021

Where: Maine-based WWS facility

Attackers gained access to the SCADA and introduced ransomware, forcing the organization to run a manual system until the SCADA could be restored.


What: Ransomware via remote access

When: March 2021

Where: Nevada-based WWS facility

Cybercriminals introduced ransomware into both the SCADA and backup systems.


Strengthening Security

So, what can be done to mitigate risks of a compromised system?

Plenty.

In fact, we’ve written on the topic of cybersecurity many times, offering resources and action steps that can help you take control. This article in particular outlines cybersecurity best practices within the context of why and how MSA FieldServer™ is committed to regularly strengthening security.

If you’d like to know how this information applies to your security strategy, we invite you to join us at WEFTEC 2023, October 2-4, 2023 in Chicago. Stop by Booth #1822 to say “hello,” talk cybersecurity, and learn more about intelligent automation and control, as well as secure remote monitoring.

In the meantime, keep reading for three specific things you can do right now to help mitigate potential vulnerabilities.

3 Tips for Preventing Malicious Cyber Activity

  1. Add Multifactor Authentication

    Multifactor authentication (MFA) is a log in process that requires users to present additional credentials beyond merely entering a password in order to access a system. These additional credentials could include answering a secret question or inputting a code that’s been sent via SMS or email.

    This deterrent works by adding a layer of difficulty, meaning that if one or both authenticators fail, the user is unable to access the system. Of course, it’s essential that you require users to log in at every turn in order and that you have a plan in place to revoke access for unauthorized users, including former employees.

  2. Increase System Monitoring

    Close and careful monitoring of water and wastewater systems is perhaps the best way to detect and thwart suspicious activity.

    Suspicious activity could include such things as:

    • Unusual alerts or system access
    • Unplanned SCADA restarts
    • Abnormal changes in system or data parameters

    FieldServer gateways connected to the MSA Grid cloud platform let you proactively monitor in real-time across multiple locations from wherever you are.

  3. Ensure Device Security

    Because communication protocols are among the most vulnerable to attack, it’s essential to keep firmware updated and use devices that are designed with security in mind. Look for manufacturers like FieldServer that employ third-party penetration testing via an ethical hacking team.

    Third-party penetration testing can help ensure that vulnerabilities are addressed and that your solutions adhere to the latest cybersecurity standards.

FieldServer Security—Above and Beyond

Reducing the risk of exposure is key to preventing a hack, a breach, or an attack. Which is why we recommend the FieldServer Dual Ethernet Port for a better, more secure way to connect your systems.

In addition to enabling secure connections, the Dual Ethernet Port complies with the most stringent Internet of Things (IoT) safety standards and is third-party penetration tested for our gateway hardware and the MSA Grid.

Its unique design reduces the risk of exposure through a variety of security features including a firewall that enables an outgoing connection while blocking incoming ones.

To learn more about the benefits of a FieldServer Dual Ethernet Port gateway, stop by our booth at WEFTEC or contact us.

About Richard Theron

Richard Theron is the product line manager for FieldServer at MSA, where he works intimately with companies in the building automation, industrial automation, energy management and life safety markets to help them cloud-enable their equipment.

Recommended for You

Remote Connectivity

Why Remote Notifications in Water and Wastewater Treatment Matter

October 1, 2024
4 Min Read
Share:

Footer

MSA MISSION: That men and women may work in safety and that they, their families, and their communities may live in health throughout the world.

Visit Our Sites

  • FieldServer Solutions
  • MSA
MSA on Facebook   MSA on X   MSA on LinkedIn  

Contact

  • blog@msasafety.com
  • 1-800-672-2222
  • View All Contact Info
  • Subscribe

Other MSA Blogs

  • Industrial – Spotlight on Safety
  • Fire Service – The Scene

© 2024 MSA. All rights reserved.