CISA Launches Free Security Scans for Water Utilities
The U.S. Cybersecurity & Infrastructure Security Agency (CISA), in collaboration with partners like the Environmental Protection Agency (EPA) and Water Sector Coordinating Council (WSCC), has rolled out a no-cost security scanning program for critical infrastructure sites, including water utilities. This initiative aims to fortify these essential facilities against cyber threats.
Facilities are encouraged to participate, allowing CISA to identify vulnerabilities in their publicly facing devices. Through the program, CISA's specialized tools will scan for exposed endpoints and detect potential weak points. Participants then receive weekly reports detailing vulnerabilities and recommended actions. Critical vulnerabilities prompt an initial report within 24 hours and re-scans every 12 hours. For less severe issues, re-evaluation can vary from 1 to 6 days.
Importantly, CISA assures that their scanners won't intrude on private networks or make any modifications, ensuring data safety.
To join the program, utilities can email vulnerability@cisa.dhs.gov, providing their facility's details. A CISA representative will guide them through the next steps.
The need for heightened security in water utilities has intensified, with recent breaches, like the Discovery Bay Water Treatment Facility incident in California, highlighting the threats. With an uptick in ransomware attacks on public utilities, safeguarding water facilities is now paramount for both public health and national security.
Loading Comments ...
Comments
No comments have been added for this post.
Sorry. Comments are frozen for this article. If you have a question or comment that relates to this article, please post it in the appropriate forum.