Do you use CISA’s free products and services, such as the Vulnerability Snapshots and the Cyber Risk Summary: Water and Wastewater Systems Sector, etc.? Even if you don’t, those reasons are of interest too.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience & OT Vulnerability Management
Today, CISA, the FBI, and other U.S. and international partners released a joint Cybersecurity Advisory (CSA) titled “Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure”. The joint advisory provides cybersecurity threat intelligence, along with tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) linked to cyber actors from the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155).
The Office of the National Cyber Director released a report Tuesday, “Roadmap to Enhancing Internet Routing Security,” designed to help fortify a vulnerable element of the internet known as Border Gateway Protocol (BGP). Administration officials have cautioned that certain technical rules for internet data routing, which is BGP, are vulnerable to hackers, and that the United States is not adequately prepared to safeguard against it.
A recent report from LexisNexis Risk Solutions reveals a concerning trend in password attacks, highlighting that as many as one in four password reset attempts via desktop browsers are fraudulent. Researchers identified approximately 70,000 weekly password reset attacks in the UK, a significant escalation attributed to "detail change" attacks, which surged by 232% in 2023.
On Tuesday, the Michigan Department of Environment, Great Lakes, and Energy (EGLE) unveiled an initiative aimed at enhancing cybersecurity preparedness for drinking water and wastewater treatment operators throughout Michigan. This initiative intends to establish a comprehensive strategy that bolsters operators' resilience against both online and offline threats.
In a recent publication, GovTech magazine emphasized the cybersecurity threats facing critical infrastructure. One of the focuses of the article was water and wastewater systems.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
Security researchers have identified a new ransomware group named "Cicada3301," linked to the ALPHV/BlackCat variant and the Brutus botnet. Cicada3301 has been observed targeting VMware ESXi environments, aiming to disrupt virtual machines by shutting them down, deleting snapshots, and encrypting data. The group's first data leak site post appeared on June 25, followed by an invitation for new affiliates to join on the cybercrime forum Ramp. WaterISAC is sharing for broader awareness of threat actor groups and tactics.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
