Global branch of a multinational water treatment company is investigating a cyber attack that occurred in November, possibly due to data encryption.
In a concerning turn of events, Kurita America, a leading provider of industrial water treatment equipment and services with an annual revenue of $2 billion, is currently investigating a cyberattack detected in late November. The company has not disclosed the extent of the data breach or the identity of the unauthorized actor, but has warned its customers about potential phishing emails requesting payments.
The incident serves as a stark reminder for water utilities across the nation to strengthen their cybersecurity measures against known security weaknesses and poor cyber hygiene. This warning comes in the wake of a November report by the Office of Inspector General at the Environmental Protection Agency that found 300 water systems, serving 26 million people across the U.S., had vulnerabilities.
Kurita America is working with outside forensic experts to review its security protocols and technology systems. The compromised servers were disconnected to prevent further spread of malware, but were later restored. Information on customers, business partners, business contact information, purchasing data, and other proprietary information may have been accessed.
Common security weaknesses in critical infrastructure, including the water industry, include phishing attacks, vulnerabilities in software and systems, insufficient network segmentation, physical security risks, and inadequate incident response plans. Poor cyber hygiene practices, such as weak passwords, inadequate staff training, insufficient monitoring and logging, and neglecting regular updates and patches, can also leave systems vulnerable.
These practices are not specific to the water industry but are common across various sectors and can be targeted by hackers in any industry. For specific information about the attack on Kurita America, more detailed reports or investigations would be needed.
The attack on Kurita America follows a similar incident in October, where American Water Works, the largest regulated water utility in the U.S., had to take its systems offline for about a week due to a hack. These malicious actors are targeting known security weaknesses and poor cyber hygiene, such as reliance on default passwords, failing to implement multifactor authentication, or exposing systems to the public internet.
U.S. authorities have repeatedly warned the water industry about state-linked hacktivist groups and financially-motivated threat groups targeting the industry. The incident underscores the ongoing threat of cyberattacks to the water industry, as highlighted by recent warnings from U.S. authorities and the EPA report in November.
In response to the cyberattack, Kurita America has advised its customers to confirm account numbers before making any payments and to report suspicious emails to the company's accounting department using the previously known phone numbers, not the one provided in the email. The company has declined to comment on any specifics beyond the posted blog.
- The cyberattack on Kurita America emphasizes the necessity for water utilities nationwide to reinforce their cybersecurity measures against acknowledged security vulnerabilities and slack cyber hygiene.
- The attack on Kurita America's servers may have unveiled valuable information such as customer data, business partner contact details, purchasing data, and proprietary information.
- Common weaknesses in critical infrastructure, including the water industry, encompass phishing attacks, software and system vulnerabilities, insufficient network segmentation, physical security risks, and inadequate incident response plans.
- Hackers can exploit poor cyber hygiene practices, such as weak passwords, inadequate staff training, insufficient monitoring and logging, and neglecting regular updates and patches, in any industry.
