Skip to main content
close search
site logo
Dive Brief

USDA, White House launch study to boost cyber resilience of rural water utilities

A yearlong program with the National Rural Water Association will provide technical assistance to water utilities led by Vermont and Oregon officials.

Published Nov. 4, 2024
David Jones's headshot
Reporter
National Cyber Director Harry Coker Jr. delivers keynote on the national cybersecurity strategy implementation plan on May 22, 2024 at the McCrary Institute at Auburn University in Washington D.C.
National Cyber Director Harry Coker Jr. delivers keynote on the national cybersecurity strategy implementation plan on May 22, 2024 at the McCrary Institute at Auburn University in Washington D.C. Coker's office has prioritized efforts to help water facilities to become more resilient. Permission granted by McCrary Institute

Dive Brief:

  • The U.S. Department of Agriculture and the White House Office of the National Cyber Director launched a study last week to help improve the cyber resilience of rural water systems. The program, which will last one year, will be conducted in partnership with the National Rural Water Association.
  • The USDA will expand its Circuit Rider Program during the study, which provides additional cybersecurity support and training for rural drinking and wastewater treatment facilities. Two NRWA affiliates, the Vermont Rural Water Association and the Oregon Association of Water Utilities, will administer the program.
  • “Through this study, the federal government and our partners can better understand the cybersecurity capacity of rural water utilities before and after engagement with cybersecurity-focused Circuit Riders in order to inform future approaches and opportunities to bolster their resilience,” a spokesperson for ONCD told Cybersecurity Dive via email.

Dive Insight:

The expanded cybersecurity program comes at a critical time for the nation’s drinking and wastewater treatment systems, as a rising number of hacktivists and criminal ransomware groups have targeted the facilities for cyberattacks.

The Cybersecurity and Infrastructure Security Agency has repeatedly warned that hackers have targeted water utilities using poor configurations, by relying on default passwords, leaving their systems exposed to the internet and failing to use multifactor authentication.

The Vermont Rural Water Association has been providing cybersecurity training to local utilities for years, but said the pilot program will allow it to provide hands-on assistance to under-resourced facilities. 

“Most water utilities in Vermont are too small to have their own IT staff, and it is not realistic to expect water operators to become cybersecurity experts on top of their many other responsibilities,” Katherine Boyk, a spokesperson for VRWA, said via email. “We will now have a full-time staff member who can provide cybersecurity assistance to any public drinking water system in Vermont, for free.”  

Vermont is working to help utilities prevent future attacks, but other states have been forced to grapple with hacks in recent months.   

In late September, a local water utility in Arkansas City, Kansas, had to revert to manual operations after it was targeted in a cyberattack. 

Following that incident, American Water Works, the nation’s largest regulated water utility, temporarily took systems offline after attackers gained access to some of its computer network. American Water operates in 14 U.S. states and 18 military installations.

Editors' picks

Company Announcements

View all | Post a press release
Torus Unveils Integrated Energy Storage and AI-Driven Cybersecurity Solutions
From Torus
October 24, 2024
CUSO Financial Services, LP Data Breach Investigation
From Migliaccio & Rathod LLP
October 31, 2024
Mystic Valley Elder Services Data Breach Investigation
From Migliaccio & Rathod LLP
October 31, 2024
Whalebone Wins 2024 CyberSecurity Breakthrough Award
From Whalebone
October 15, 2024
Editors' picks
Latest in Strategy
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell