Attention Indiana Drinking Water and Wastewater Operators and Cybersecurity Contacts
As many of you may have seen on recent news reports, water sector utilities in several states and European countries have been targeted by cyber-attacks believed to originate in Russia. These instances seem to be an organized effort targeting internet facing devices that are unsecured, or poorly secured using default or overly simplistic password protocols. IDEM is providing the guidance below from WaterISAC to help mitigate utility exposure from internet facing devices:
WaterISAC Mitigation Guidance
While specific details are limited at this time, it is believed that the threat actors are likely exploiting poorly secured internet-facing devices that are enabling them to gain initial access and eventual access to the SCADA systems. Members are encouraged to secure or isolate internet-facing devices to reduce the risk of similar attacks, specifically:
As appropriate, it may be necessary for utilities to contact service providers, such as SCADA integrators, etc. for assistance.
For more information on actions and incident response, members are encouraged to reference:
If your utility experiences any cyber-attack or suspicious activity, please report it immediately. You can contact the FBI Cyber Watch at 855-292-3937, CISA at 888-282-0870, or IDEM’s Drinking Water Branch for assistance with notifications and requesting support.
If you have any questions about this IDEM notice, do not hesitate to contact Travis Goodwin at 317-775-5473 or by email at: Tgoodwin1@idem.IN.gov.