Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Keep the Water Flowing for the DoD: Securing Operational Technology from Cyberattacks

Keep the Water Flowing for the DoD: Securing Operational Technology from Cyberattacks

Malicious actors are ramping up attacks against water and wastewater systems (WWS), which are not only attractive targets but also complex to protect. The U.S. Department of Defense (DoD) in particular operates a large number of WWS facilities. Read on to learn how a strong cybersecurity program can help the DoD significantly reduce the cyber risk of its WWS systems.

Water systems are often high-value targets for cyberattacks, because they provide essential services to society and any disruption to their operations has severe consequences, including water shortages and public health risks. In addition to being attractive targets, these systems are frequently older, lack modern cybersecurity controls and include a range of interconnected systems and technology. These factors make them highly vulnerable to cyber threats. Ensuring the availability of safe, clean drinking water for military personnel and operations is a paramount concern for the Department of Defense (DoD). The number of possible attack vectors is immense: The DoD operates more than 100 wastewater treatment facilities and supplies water to 3.4 million people living and working in DoD facilities, such as military bases. In addition, there are more than 500 DoD installations worldwide, with over 500,000 buildings and structures, covering millions of acres of land in the U.S, U.S territories and over 30 other countries.

The DoD needs a robust cybersecurity program to help it gain visibility of cyberattack vectors, address system vulnerabilities and protect its essential water and wastewater (WWS) facilities and resources, to effectively reduce risks from cyberthreats.

The growing need for OT security in water facilities

The evolution of water treatment facilities into technologically sophisticated entities has led to an increase in the adoption of operational technology (OT) and industrial control systems (ICS). This progress has transformed critical infrastructures into interconnected, digitized systems that leverage advanced functionalities like automation, real-time data monitoring and remote access. 

However, integrating internet of things (IoT) devices and cloud computing has increased the number of connections to the critical infrastructure. New attack vectors create opportunities for cyber criminals to enter the OT environment, expanding the attack surface. Given the pivotal role that DoD facilities play in national security, the integration of these systems with advanced cybersecurity protocols and redundancy measures becomes an even higher priority. 

Cybersecurity incidents in recent years have shown that bad actors are increasingly targeting water facilities. For instance, in December a group backed by Iran’s Islamic Revolutionary Guard Corps attacked at least 11 different U.S water facilities, including a water facility in Pennsylvania that was forced to go into manual operations. In November, the North Texas Municipal Water District, which supplies drinking water to more than 2.2 million people was hit with a ransomware attack from the ransomware gang Daixin Team.

To help prevent such attacks, WWS facilities need stringent cybersecurity protocols. In response, federal agencies like the Environmental Protection Agency (EPA) are enforcing compliance mandates and regulations to bolster the cybersecurity posture of WWS. These measures aim to ensure comprehensive visibility and security across the hybrid IT/OT/IoT environments within modern water treatment systems, emphasizing the need for sophisticated OT security solutions capable of countering cyberthreats.

Addressing challenges in modern water infrastructures 

In addition to OT and ICS, the shift from isolated operations to centralized and automated systems in drinking water treatment plants (DWTPs) and wastewater treatment plants (WWTPs) marks a significant advancement in water management. Centralized DWTPs and WWTPs offer improved efficiency and control, enabling more effective management of resources and regulatory compliance. They rely on a range of technologies, including programmable logic controllers (PLC) to control various stages of water treatment. PLCs control and monitor processes such as activating pumps, managing chemical flow and generating compliance data.

Advanced systems such as these come with their own challenges. The integration of multiple technologies has made system operations more complex, requiring specialized knowledge and skills to manage and protect them. Cyber threat actors have exploited weaknesses, such as poor password security and exposure to the internet, to gain unauthorized access. For example, in one incident, threat actors targeted a U.S. water facility’s PLCs, leading to the facility taking its system offline and switching to manual operations.

Overcoming legacy limitations

The “always-on” nature of DWTPs and WWTPs makes it challenging to perform routine maintenance or apply patches when vulnerabilities are discovered. This difficulty is compounded in facilities with large infrastructures and diverse, multi-generational devices. An effective OT security solution should offer asset inventory capabilities and ensure the continuous monitoring and control of water treatment processes, even in distributed environments.

Essential features of an OT security solution

To effectively secure DoD’s water resources from cyber risks, an OT security solution must possess certain key features:

  • Asset visibility and inventory: Ability to identify and catalog IT and OT devices from a wide array of vendors, across different generations and interconnected networks without disrupting plant operations. 
  • Continuous monitoring: Real-time monitoring capabilities to maintain the most up-to-date asset inventory and visibility of cyberthreats. 
  • Advanced threat detection: Utilization of a powerful threat detection engine to identify and alert potential incidents from various sources.
  • Configuration monitoring: Tools for monitoring and tracking changes to system configurations to mitigate risks from human error, insider threats and malware.
  • Vulnerability management: An effective vulnerability management capability is critical for maintaining a proactive cybersecurity program for the mix of modern and legacy systems.

Implementing comprehensive cybersecurity measures with Tenable

The solution for protecting the DoD's water resources requires a holistic approach. This includes implementing robust cybersecurity measures, such as inventory and vulnerability management; ensuring data security; and maintaining compliance with industry regulations and EPA guidelines.

Tenable OT Security offers comprehensive cybersecurity capabilities for critical water infrastructure that align with federal cybersecurity advisories and EPA recommendations and that assist in maintaining compliance with the evolving regulatory landscape.

For the DoD, the security of water treatment plants is not just a matter of operational efficiency. It’s imperative for the DoD’s mission of protecting the security of our nation. Embracing advanced OT security solutions like Tenable OT Security is crucial in safeguarding these critical resources against evolving cyber threats. 

To explore how Tenable can enhance the security of your water treatment facilities, read our white paper or reach out to our sales team for a demo or check out the related resources below. 

Learn more

Related Articles

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training