Coronavirus and Water Utilities
There is no current evidence on the survival of COVID-19 (Coronavirus) virus in drinking water or sewage… but that does not mean you are 100% in the clear. The NRWA states “The morphology and chemical structure of COVID-19 virus is very similar to other surrogate human coronaviruses for which there is evidence on both survival in the environment and effective inactivation measures.”
With this being said, IronTech recognizes the gravity of the situation for all and wants to make sure you are conscious of hackers taking advantage of the COVID-19 circumstances. If there is one thing certain about a pandemic, hackers will use it for their own gain.
Cyber-criminals are targeting individuals, small businesses and industries. Just recently, the U.S. Health and Human Services Department suffered a cyber-attack on its computer system during this crisis. Everyone and every business is vulnerable to an attack regardless of how small or unknown you think you are.
Is Your Water Utility Prepared For COVID-19?
Being prepared for the Coronavirus hackers is the first step in protecting your water utility. Having the right security in place will prevent a dreadful disaster. Hackers can take over your system and steal all of your customer information or make it impossible to receive payments. The possibilities are endless. Having a security solution in place will prevent these occurrences from happening in the first place.
Hackers are using the coronavirus concerns to scam, there has been an uptick in phishing emails from hackers since the beginning of the pandemic. Be on look out for phishing emails. Hackers can send out emails disguised as other water utilities, looking 100% legitimate. Phishing emails are fraudulent emails in attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy source.
SCADA system vulnerabilities continue to grow even in the midst of the COVID-19 outbreak. SCADA systems require different detection to fight against exploits and vulnerability discoveries. SIEM (Security Information & Event Management) is essential for any water utility. It analyzes data across the network to detect issues and attackers faster. Without SIEM, you are at a greater risk for a breach.
As more and more companies ask their employees to work remotely, threats and technological risks are increasing as well. Are you using a 3rd party for remote access? They have been and will be continued to be breached time and time again. The most popular way for remote employees to be compromised is through email.
Now What – COVID 19 and Water Utility Companies
Your COVID-19 solution is simple. You need layered security, also known as layered defense. Layered security is the practice of combining multiple security controls (defense) throughout your IT system to protect resources and data. This is crucial for any SCADA system to have in place to avoid any loopholes. This provides strength and depth to reduce the effects of a threat. This defense can be divided into three areas:
- Physical Controls: Physical controls are anything that physically limits or prevents access to IT systems.
- Technical Controls: Technical controls are hardware or software whose purpose is to protect systems and resources.
- Administrative Controls: Administrative controls are an organizations policies and procedures. Their purpose is to ensure that there is proper guidance available in regards to security and that regulations are met. This can include things such as security requirements and data handling procedures.
In this difficult time, we all must remain strong. Make sure you are taking the extra precautions protect your utility from the Coronavirus hackers. It is impossible to over-prepare and impossible to have too much security. It is MUCH more expensive to recover from a disaster than it is to have top quality protection.
Security is an investment, not an expense.