Security News > 2021 > October > US government discloses more ransomware attacks on water plants

U.S. Water and Wastewater Systems Sector facilities have been breached multiple times in ransomware attacks during the last two years, U.S. government agencies said in a joint advisory on Thursday.
The advisory also mentions ongoing malicious activity targeting WWS facilities that could lead to ransomware attacks affecting their ability to provide potable water by effectively managing their wastewater.
The ransomware variant had been in the system for about a month and was discovered when three supervisory control and data acquisition servers displayed a ransomware message.
In September 2020, personnel at a New Jersey-based WWS facility discovered potential Makop ransomware had compromised files within their system.
While not included in the advisory, an unknown threat actor also gained access to the water treatment system for Oldsmar, Florida, in February 2021 and tried to poison the town's drinking water by raising the levels of chemicals used to clean wastewater to hazardous levels.
Other breaches of water treatment facilities have happened over the past two decades, including a South Houston wastewater treatment plant in 2011, a water company with outdated software and hardware equipment in 2016, the Southern California Camrosa Water District in August 2020, and a Pennsylvania water system in May 2021.
News URL
Related news
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hunters International ransomware claims attack on Tata Technologies (source)
- Toronto Zoo shares update on last year's ransomware attack (source)
- Feds name and charge alleged Silk Typhoon spies behind years of China-on-US attacks (source)
- US seizes domain of Garantex crypto exchange used by ransomware gangs (source)
- Ransomware gang creates tool to automate VPN brute-force attacks (source)
- SANS Institute Warns of Novel Cloud-Native Ransomware Attacks (source)
- ⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More (source)
- BlackLock ransomware claims nearly 50 attacks in two months (source)
- TechRepublic EXCLUSIVE: New Ransomware Attacks are Getting More Personal as Hackers ‘Apply Psychological Pressure” (source)