A cyberattack on the St. Johns River Water Management District in Florida, which oversees the long-term drinking water supply, has been confirmed, leading to concerns about the security of water utilities. The agency, a regulatory body focused on water conservation and supply, identified suspicious activity in its IT environment and successfully implemented containment measures. While the agency stated that it does not have direct control over water utility technology, a ransomware gang claimed responsibility for the attack, highlighting potential vulnerabilities in critical infrastructure.
This incident follows warnings from top U.S. cybersecurity agencies about foreign attacks on water utilities. The St. Johns River Water Management District is actively monitoring its IT networks to prevent ongoing malicious persistence, and normal business operations continue. However, further comments are withheld until the investigation is complete. Concurrently, the Cybersecurity and Infrastructure Security Agency (CISA) has responded to active exploitation of Unitronics programmable logic controllers (PLCs) used in the water sector. CISA’s advisory, in collaboration with other agencies, warns of Iranian-affiliated hackers, known as CyberAv3ngers, targeting Israeli-made Unitronics PLCs, raising concerns about potential cyber-physical effects on water processes and equipment.
The cyberattacks on water utilities, including the recent incident in Florida, underscore growing threats to critical infrastructure. The St. Johns River Water Management District emphasizes ongoing vigilance and monitoring of IT networks, urging awareness among Go developers and organizations about potential vulnerabilities. The attacks coincide with a broader landscape of cybersecurity incidents, including the exposure of API tokens on platforms like GitHub, demonstrating the need for robust security measures to protect against supply chain attacks, data poisoning, and model theft.
Reference:
