Experts say cyber attacks are on the rise, especially with recent advances in artificial intelligence.
North Texas has seen a number of attacks on city governments, local agencies, and school districts in the last year alone, and now the federal government is issuing new warnings about specific attacks that could affect water systems.
The Biden administration has sent a warning letter to all U.S. governors about hackers targeting water and wastewater systems across the country. They say these attacks are already occurring, particularly from state-sponsored hacking groups in Iran and China.
“When I heard that, I had to stand up and say, this is a credible thread, they know something,” said the Dallas-based cybersecurity expert and author of the podcast “The said David Mallicoat, host of “Professional CISO.''
A CISO (Chief Information Security Officer) is a senior-level executive who oversees an organization's information, cyber, and technology security. Mallicoat said this role will become increasingly important in local governments, where recent trends in hacking attacks require greater vigilance.
“Local governments are not as well protected as the federal government or commercial entities, which is why they have been targeted more recently. [hackers] You can pull that data and use it, usually elsewhere, for further attacks,” he said. “I think there are thousands of water districts across the country, but 80% of them are considered small and under-resourced. They typically don't have full-time cybersecurity staff. plug.”
When it comes to water systems, Malicoat said hackers could even infiltrate technical operations and affect access to water. He said threat actors have been able to infiltrate systems in the past and take over remote access to control machines.
“It did not amount to anything serious in terms of harming anyone, as there have been some incidents over the past three years,” he said. “But in Pennsylvania, hackers once dumped up to 1,000 times the amount of treated water into the water. And they were caught before anything could happen.”
NBC 5 reached out to both Dallas and Fort Worth's water agencies about the federal warning.
Dallas water utilities said they are well aware of the advisory and as they regularly monitor their systems.
“The City of Dallas leverages specialized cyber organizations and federally supported agencies such as MS-ISAC and MS-ISACWater to proactively monitor the prevailing global threat landscape 24/7,” Dallas said. said Jennifer Brown, interim assistant director of communications for the city. In an emailed statement to NBC 5, the city said it is “actively engaged in discussions led by local, state, and federal authorities regarding cyber threats and potential actions. Additionally, the city is We stay up-to-date on legislation and funding that may affect our responsibilities to protect.”
Brown said Dallas has not had any prior cyber breaches of critical infrastructure.
“Through the implementation of best practices such as National Institute of Standards and Technology (NIST) guidelines and other leading cyber methodologies, we have continued to protect our cities' critical infrastructure from cyber threats through vigilant monitoring and proactive efforts. Additionally, the City of Dallas remains committed to maintaining the highest standards of current cybersecurity controls to ensure the continued resiliency and integrity of critical resident services,” she said. said in a statement.
The Fort Worth Water Department is also on special alert regarding cyberattacks. The city said it has not experienced any cyber breaches of its water utilities.
“The city, including our water utilities, takes cybersecurity threats very seriously and is taking many steps to protect our systems,” said Mary Gliuzza, Media Relations Coordinator for Fort Worth Water Utilities. said. “Fort Worth Water District continues to strengthen its cybersecurity posture and preparedness using a layered defense-in-depth approach that adheres to federal, state and water industry guidelines and best practices.”
The city participates in numerous drills each year, but the department does not elaborate on specific procedures for security purposes.
“The utility also participates in the Center for Water Information Sharing and Analysis, which just published revised guidelines. The utility is currently reviewing these guidelines and will update any revised recommendations. We plan to do so,” Gliuzza said. “While we won't go into details of the process, we have a number of protocols in place. Water utilities regularly conduct vulnerability assessments and implement recommended mitigation measures as appropriate.”
Cyber attacks may increase
Mallicoat said money is a big factor for hacker groups when it comes to cyberattacks, especially ransomware attacks that involve personal or sensitive data. Hackers either steal that data and threaten to make it public unless money is paid, or they encrypt the data within the system itself and threaten to delete it if the ransom is not paid.
Just last week, the Tarrant Appraisal District was hit with a criminal ransomware attack demanding $700,000.
This month, approximately 2,100 people at UT Southwestern Medical Center were affected by a data security breach that included medical and health insurance information, addresses, and dates of birth.
Dallas County also reported a cybersecurity incident in January.
Meanwhile, the city of Dallas is still recovering from a high-profile ransomware attack that crippled its systems last year and forced it to spend more than $8 million in recovery efforts.
Mallicoat warned that attacks are likely to increase due to advances in technology and this being an election year.
“We're going to hear a lot more, we're going to see a lot more, and the world is going to look a little bit crazy when it comes to cybersecurity and cyberattacks. And they're doing it on purpose. 'They want us to do that.' We have that fear, that anxiety, that doubt,' he said.
He also said companies need to invest more money into securing their systems to prevent breaches.
“Ten to 15 years ago, it was large enterprises that were being attacked. Then they responded by increasing their maturity level and significantly strengthening their cybersecurity. Now, the threat actors are different. “Again, they're looking for the most vulnerable people, and that's going to lead them to maybe some of these local and county governments,” Mallicoat said. he said.
protect yourself
So what can the rest of us do to protect ourselves?
Malicoat said a good place to start is by changing passwords on important accounts. Do not reuse passwords.
“We know it's hard. After all, how do you remember all those passwords? There are now very low-cost or even free, well-regarded tools like Password Keeper and Password Vault. “It's here. Not only can you save your passwords, it can generate them and remember them for you,” he said.
Some reputable password keepers include: 1Password, Keeper, LastPass.
Multi-factor authentication is key, allowing you to verify your login through additional methods such as text, push alerts, and email.
“I would say that in our world and in cybersecurity, we avoid a lot of attacks through multi-factor authentication,” Mallicoat said.
The federal government also has programs and websites to help educate organizations and individuals about cybersecurity threats.
Additionally, the Department of Homeland Security has listed some key actions to follow regarding cyberspace.
- Never click on links in emails
- Never open attachments
- Please do not divulge personal information
- Pay close attention to your website URL
- Be suspicious of emails and text messages you don't recognize
