Critical water and electricity infrastructures in the United States and the United Kingdom are under a growing digital threat. This is revealed by a new study published by the firm specialized in cybercrafts Semperiswhich warns that 62% of public service companies have been the victim of at least one cyber attack in the last year, and that 80% of these aggressions have been repeated on more than one occasion.
This alarming panorama highlights a reality that worries experts and authorities: essential service operators are being targeted by increasingly sophisticated attacks, in many cases orchestrated by groups backed by foreign governments.
Among the most recent incidents is a cyber intrusion linked to the Volt Typhoon group, a group of threats sponsored by the Chinese state. This group would have managed to violate a public services company in Littleton, Massachusetts. Also, American Water Works, the largest water and wastewater treatment company in the United States, recently recognized unauthorized access in its computer network, which affected its billing and customer service systems.
The United States Environmental Protection Agency (EPA) has issued alerts urging companies in the sector to strengthen their detection, response and recovery measures to possible attacks, given the growing evidence of infiltrations that could have critical consequences for public health and national security.
A new Semperis study reveals that cyber attacks to water and electricity companies represent a risk for public safety and economic stability
According to the report, entitled Status of the resistance of critical infrastructureabout 60% of the registered cyber attacks were executed by groups linked to states-nation. In more than half of the cases (54%), the attackers managed to destroy or permanently corrupt data and operating systems. Even more worrying is that two out of three attacks committed fundamental identity systems such as Active Directory, Enter ID and OKTA. In addition, 15% of the operators confessed not to know with certainty if these systems were compromised.
One of the most disturbing findings in the report is that 38% of companies believe they have not suffered cyber attacks, which, in the opinion of experts, does not necessarily imply that they are safe, but rather that they could not have the technological capacity to detect active threats.
“It is likely that many public service companies have not realized that China has infiltrated their infrastructure. For example, it is known that threat actors sponsored by China, such as Volt Typhoon, prefer attacks Living off the landwhich are difficult to detect and can remain latent for months or even years, ”said Chris Inglis, Semperis Strategic Advisor and former National Cybersecurity Director of the US.
Critical Infrastructure Cybercuts
The report also highlights the fundamental role that these services for collective well -being. Unlike other sectors, the consequences of an interruption in the supply of electricity or drinking water go beyond economic damages, directly affecting the daily life and health of millions of people.
“The systems that serve our electrical networks and our clean drinking water network are the basis of everything we do. And yet we are dedicated to other issues, trusting that another will take care of it. But it is not so. We have to reinforce our systems and immediately extract the criminal elements,” said English.
In this context, Semperis recommends public service companies to adopt a comprehensive operational resilience strategy. This includes identifying the most critical infrastructure components for recovery, establishing clear priorities in the response to incidents, documenting and rehearsing recovery plans in realistic scenarios and, above all, ensuring that backup copies are not vulnerable to the same attacks.
“If resistance is not improved, attackers will continue to arrive. Public service companies have the opportunity to face this challenge. They must assume that violations will occur and, through practical exercises, they can rehearse attack scenarios that could come true in the future,” concluded Mickey Bresman, CEO of Semperis.
