Water and Waste Water

August 15, 2022: UK Water Utility Suffers Cyberattack

Customers have been assured there is safe drinking water after South Staffordshire PLC, the parent company of South Staffs Water and Cambridge Water in the UK, fell victim to a cyberattack Monday.
The company supplies 330 million liters of drinking water to 1.6 million customers.
“This incident has not affected our ability to supply safe water and we can confirm we are still supplying safe water to all of our Cambridge Water and South Staffs Water customers," the company said in a statement. "This is thanks to the robust systems and controls over water supply and quality we have in place at all times as well as the quick work of our teams to respond to this incident and implement the additional measures we have put in place on a precautionary basis."

July 7, 2022: Rhode Island Sewer System Operator Hit by Cyberattack

he Narragansett Bay Commission, which runs sewer systems in parts of the metropolitan Providence and Blackstone Valley areas, was hit by a ransomware attack on its computer systems. A spokeswoman for the commission acknowledged the attack in a Friday evening email to The Providence Journal.

"Last week, the Narragansett Bay Commission identified a cybersecurity incident that involved the encryption of data on certain computers and systems in its network," spokeswoman Jamie R. Samons said in the email. While she did not specify a ransomware attack, such attacks typically involve hackers encrypting data on a victim's computer system and refusing to supply the key to decode the data until a ransom is paid.

Samons did not reply to a follow-up email asking whether a ransom was paid. She did note that the systems hit by the attack are not ones that control the operation of the sewage system.

June 21, 2022: Indian Flood Monitoring System Targeted by Hackers

A Ransomware attack hit Goa’s flood monitoring system according to the Hindustan Times, which reports that the state government’s water resources department that maintains the data said that all its files have been encrypted and can no longer be accessed.

The data center server in Panaji stores the data of 15 flood monitoring systems on major rivers in the Goa region, as part of disaster management and flood control. Access is unavailable to data relating to batteries and to real time monsoon activity.

Reports are in that the servers of Flood Monitoring System were hit by the file-encrypting malware on June 21st,2022 and the hackers are demanding BTC in double-digit figures to free data from encryption. The department reportedly has no dedicated IT staff or security professional to react to such situations. Officials are not interested in paying a ransom to hackers and are sure to recover the locked-up data by other means.

July 4, 2021: Ransomware Attack on Holiday at ME Wastewater Plant

In northern Maine, Limestone Water and Sewer District was hit on the Fourth of July holiday. Limestone Water and Sewer District Superintendent Jim Leighton said the ransomware attack impaired control computers at two plants necessitating both to revert to manual operations. The control computers were responsible for alarming on equipment damage (pumps over-heating) and operational errors (tanks over-filling).

April 6, 2021: Ransomware Attacks At ME Wastewater Plant

The April attack occurred in the town of Mount Desert on Mount Desert Island, Maine.
In Mount Desert Island, officials said the attack took computers offline for three days, but treatment plants were not affected because they are controlled manually.
Ed Montague, superintendent for Mount Desert Wastewater, said, “The office computers were down for approximately three working days… Our treatment plants were not affected as they are manually controlled with no automated inputs.” No ransom was paid and no personal information was compromised, Montague said, and town and IT professionals were notified.

January 15, 2021: Hacker Accessed CA Water Treatment System

A hacker was easily able to get in to a San Francisco Bay Area water treatment facility in mid-January and delete programs used to treat drinking water, a senior intelligence official said Thursday.
The hacker used a former plant employee’s username and password to gain entry to the unidentified Bay Area water treatment facility Jan. 15, according to a NBC News report.

March 27, 2019: Ellsworth County Rural Water District Attacked

Wyatt A. Travnichek, 22, of Ellsworth County, Kansas ended up charged with one count of tampering with a public water system and one count of reckless damage to a protected computer during unauthorized access.

January 1, 1999: Navy Radar Shuts Down SCADA Systems

WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.

January 1, 1998: Computer Flaw Makes Water Undrinkable

WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.

January 1, 2007: Switch Malfunction Causes Sewage Spill

WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.

Pin It on Pinterest

Scroll to Top