MyCERT Advisory Recommends Cybersecurity Practices for Water Systems
Overview
The water sector is experiencing a rise in cyber threats, with critical infrastructure, including both IT and operational technology (OT) systems, becoming primary targets for malicious actors. These attacks, which exploit vulnerabilities in internet-facing OT systems and industrial control systems (ICS), pose cybersecurity risks to public health, business continuity, and national security.
MyCERT, the Malaysian Computer Emergency Response Team, has issued MA-1228.012025, an advisory aimed at raising awareness of cybersecurity risks in the water sector and recommending mitigation strategies. While there have been no cyber incidents reported in Malaysia’s water systems, the MyCERT advisory stresses the importance of vigilance and proactive defense strategies.
MyCERT Advisory Highlights the Growing Cybersecurity Threat to Water Systems
Water systems control essential services such as pumping stations, chlorination processes, and valves, all of which are critical to public health and safety. However, older systems with outdated software and weak security measures are increasingly susceptible to cyber-attacks. Many of these attacks exploit simple security weaknesses, such as default passwords and unprotected access points, enabling attackers to gain unauthorized access to sensitive systems.
Cyberattacks targeting water systems can take many forms, from ransomware attacks demanding payment to prevent data exposure, to more insidious breaches targeting programmable logic controllers (PLCs) and other ICS devices. While large utilities have strengthened their defenses, smaller systems remain especially vulnerable.
The recent cyber incident in October 2024, involving American Water in New Jersey, is one such example. Although the attack did not result in operational disruptions at American Water’s facilities, it underscores the significance of cybersecurity vulnerabilities in the sector. The attack primarily affected computer networks and administrative systems, underlining the necessity for water utilities worldwide, including those in Malaysia, to enhance their security measures.
Potential Impacts of Cyberattacks on Water Systems
Cybersecurity incidents in the water sector can have a wide range of destructive consequences, both direct and indirect. Among the most concerning impacts are:
- Cyberattacks can interfere with the normal functioning of water systems, leading to delays in water treatment, pumping, and distribution processes.
- If attackers gain control of critical water system functions, they could contaminate drinking water or improperly manage chemicals, posing serious risks to public health.
- Industries relying on water, such as agriculture and manufacturing, could face operational shutdowns, leading to economic losses.
- Attackers who gain access to sensitive water system data could compromise confidential information, resulting in reputational damage and erosion of public trust.
- Ransomware attacks exploit vulnerabilities in water systems to hold sensitive data hostage. If ransoms are not paid, attackers may leak confidential data, including trade secrets and personal information, leading to further harm.
- Recovering from a cyberattack often involves substantial costs, including expenses for system restoration, legal fees, and potential fines for data breaches.
MyCERT Advisory for Securing Water Systems
To mitigate the cybersecurity risks facing water systems, MyCERT has outlined a series of best practices aimed at improving resilience and reducing the likelihood of successful attacks. Water system administrators are encouraged to follow these guidelines to protect critical assets:
- Immediately replace default passwords with strong, unique passwords. This is one of the most basic yet effective steps to secure systems.
- Minimize the number of critical systems exposed to the public internet, thereby reducing the attack surface for potential threats.
- Ensure that user accounts have access only to the data and systems necessary for their role. This can limit the damage caused by compromised accounts.
- Multi-factor authentication (MFA) provides an added layer of security by requiring additional verification steps before granting access to critical systems.
- Apply network segmentation in water treatment facilities to isolate key systems from non-essential systems, preventing widespread damage in the event of an attack.
- Ensure that all systems, both OT and IT, are updated with the latest security patches and antivirus definitions. This is crucial to defending against known vulnerabilities.
- Perform daily backups of both OT and IT systems and store backup copies in remote locations. Regularly test backup processes to ensure they function correctly during a disaster recovery scenario.
- Provide annual cybersecurity training for all staff members, ensuring they understand the latest threats and how to avoid common pitfalls like phishing or clicking on malicious links.
- Regularly update disaster recovery and business continuity plans to account for emerging threats and vulnerabilities. Ensure these plans are well-practiced in the event of an actual breach.
Conclusion
The MyCERT advisory emphasizes the need to strengthen cybersecurity in Malaysia’s water systems, which are crucial for public health and the economy. As these systems become more digital and interconnected with sectors like agriculture and manufacturing, their exposure to cyber risks grows.
By adopting best practices like updating passwords, using multi-factor authentication, and applying security patches, water utilities can improve defenses against cyber threats. MyCERT encourages staying updated on cybersecurity developments and conducting regular assessments. While Malaysia has not faced major cyber incidents in water systems, the rising threats require vigilance. Platforms like Cyble, with AI-driven threat intelligence, help protect these vital infrastructures.
The post MyCERT Advisory Recommends Cybersecurity Practices for Water Systems appeared first on Cyble.