Cyberattacks On Infrastructure Are Attacks On Everyone

January 16, 2025

The largest water utility in the United States, American Water, recently faced a significant cybersecurity incident.

The company had to shut down its customer portal and pause billing operations indefinitely. The incident was discovered on a Thursday, and the company immediately took protective measures. Despite the breach, American Water assured customers their water is safe to drink, and that none of its water or wastewater facilities were negatively affected.

The company is working around the clock to investigate the incident and restore its systems. The investigation is ongoing, and the company has notified law enforcement and is cooperating with them. The call center is currently experiencing limited functionality because of the shutdown of the customer service portal.

The U.S. water and wastewater sector has become an increasingly attractive target for cyberattacks, with recent incidents highlighting the need for stronger cybersecurity measures. The Environmental Protection Agency has also announced stepped-up cybersecurity oversight provisions across U.S. drinking water systems. https://www.govinfosecurity.com/largest-us-water-utility-hit-by-cybersecurity-incident-a-26478 (Oct. 08, 2024).

Commentary

Infrastructure attacks affect all organizations and workplace participants and not just those who have essential services interrupted.

Unfortunately, infrastructure attacks are increasing. In 2024, there was a notable surge in cyberattacks targeting critical infrastructure, including healthcare systems and energy sectors. These attacks have become more frequent and sophisticated, with threat actors exploiting vulnerabilities in network devices and industrial control systems. https://www.dni.gov/files/CTIIC/documents/products/Recent_Cyber_Attacks_on_US_Infrastructure_Underscore_Vulnerability_of_Critical_US_Systems-June2024.pdf

These attacks can have severe economic impacts, affecting various sectors of the economy and causing widespread disruption including:

  • Lost production and sales, reduced income for employees, and even temporary or permanent closure of organizations dependent on the infrastructure damaged.
  • Repeated infrastructure attacks can erode public trust in the reliability of essential services, leading to decreased consumer and investor confidence.
  • The ripple effects of infrastructure attacks can extend beyond immediate disruptions, affecting long-term economic growth and stability.
     

The final takeaway is that even if your organization has not been directly affected by an infrastructure attack, it is a best practice to prepare for the possibility of an infrastructure attack that can affect your organization.


 

Finally, your opinion is important to us. Please complete the opinion survey:

Product

Articles

Use Common Sense Cybersecurity To Limit Access And Exposure To Malware

A particularly nasty malware strain is reemerging, and defense models are offered to counter. We discuss one way to limit exposure that is just common sense cybersecurity.

Negligent Security Measures Continue To Cost Healthcare Organizations

A radiology clinic is tagged with a million-dollar-plus data breach settlement. The plaintiffs cite negligent security measures as the reason. What does that mean? We answer.

Tip-Related FLSA Violations: A Danger Zone For Employers

Employers who make sure tip pools comply with FLSA requirements can avoid this growing risk. We examine.

Would A Four-Day Workweek Work For U.S. Employers? You Make The Call

Employees in the United Kingdom with four-day workweeks report greater productivity and higher satisfaction. Would a four-day workweek work for U.S. employers? You make the call.

Nothing Perfect About The "Perfctl" Malware Strain: How Can It Harm Your Organization?

"Perfctl" is a new malware strain and it is creating concern. Why is it a huge risk?