‘Most Recent Cyberattacks on Water Systems Won’t Be the Last’ Says iSchool Cybersecurity Expert — Syracuse University News
Media Tip Sheets
More government agencies are taking steps to shore up their cybersecurity measures. Earlier this week, the Environmental Protection Agency announced it would step up inspections of water facilities that may be vulnerable to cyberattacks.
Why are government agencies more at risk when it comes to cyberattacks and operational vulnerabilities?
Lee McKnight is an associate professor in the Syracuse University School of Information Studies (iSchool) whose research specialty includes cybersecurity. He provides written comments that can be quoted directly. He is available for interviews on future topics related to cybersecurity practices in the public and private sectors.
McKnight says:
“With state-sponsored actors taking advantage more frequently of outdated to non-existent water supply security practices, it is refreshing -like a glass of (clean) water – that the EPA and CISA have begun to raise the alarm. The fact that 70% of water systems upon inspection failed to demonstrate their ability to maintain basic cyberhygiene is regrettable, but far from shocking.
“It is overdue for the public and private sector organizations supplying and supporting water systems to take these threats seriously. Even if the nightmare worst case scenarios have not happened at scale, the entire sector has to prioritize cybersecurity, just as oil pipelines belatedly did after the successful ransomware attack on the Colonial Pipeline several years ago precipitated.
“In the case of water supplies, the risks are more local but can be no less devastating if their operational technology is breached.
“Sending the sector’s IT workforce back to school – or at least scaling up online sector-specific training programs – is long overdue. Beyond ‘IT’ workers, the wider workforce must have more opportunities for training in basic cyberhygiene as well.
“Since now that it is widely known that cyber-attackers have a 70% probability of finding a soft target when going after a water system – unfortunately, we know the most recent successful cyberattacks on water systems will not be the last.”
To request interviews or get more information:
Daryl Lovell
Syracuse University Media Relations
M 315.380.0206
dalovell@syr.edu | @DarylLovell
Syracuse University