National Water Groups Issue Cybersecurity Warning

WASHINGTON, D.C. - The Water Information Sharing and Analysis Center and the American Water Works Association recently circulated a cybersecurity warning about the risk of revealing key operational data.

The warning noted that an AI service provider used a public records request to access data on water treatment flow rates, energy use, reservoir elevations and water chemistry. The warning also included a recommendation for water utilities to review their public disclosure requirements.

Cyberattacks against public water systems that diligently work to ensure a clean, safe water supply are increasing. Cyber threats continue to evolve, and water agencies remain critical infrastructure targets.

As a reminder, the U.S. Environmental Protection Agency (EPA) has multiple resources for water utilities to ensure their cybersecurity measures are current and to maintain strong cybersecurity practices.

The EPA Drinking Water Data and Tools database includes dozens of data analysis tools open to the public. The EPA also has a list of informational webinars and offers a free cybersecurity assessment for drinking water and wastewater utilities to evaluate cybersecurity vulnerabilities. Additionally, ACWA conducted a webinar with the EPA that highlighted threats facing the water sector, best practices for risk management, available federal resources, and actionable steps utilities can take to enhance their cyber resilience.