The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
The Office of the Director of National Intelligence (ODNI) recently published a graphic depicting the vulnerability to U.S. industrial control systems. The graphic includes top recommendations and guidance from CISA, the EPA, FBI, and WaterISAC. The dataset was provided by the Cyber Threat Intelligence Integration Center (CTIIC) that captures cyber attacks on industrial systems from November 23, 2023 through April 22, 2024.
As data breaches continue to impact organizations at an increasing rate, the importance of effective cyber incident response is more important than ever. WaterISAC is sharing resources and tools to help utilities prepare for and implement this crucial aspect of organizational resilience.
Cybersecurity researchers have recently reported that threat actors leaked a significant compilation of passwords on a popular hacking forum totaling 9.9 billion passwords. The compilation, known as “RockYou2024” was posted by a user named “ObamaCare” on July 4, and boasts the “largest password compilation of all time.” These kinds of sensational headlines are indeed notable. However, it’s important to note that this is not a new development, nor are these believed to all be newly leaked credentials.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
In a notification published today, CISA has collaborated with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) to release an advisory, People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action (AA24-190A) outlining a PRC state-sponsored cyber group’s activity.
WaterISAC has been made aware of a second phishing attempt against Maine water operators. This time the campaign also targeted well drillers. The campaign was reported to the Maine CDC Drinking Water Program on June 24, 2024, and was observed using a similar template as the prior attempt reported in January 2024 – Threat Advisory – Phishing Campaign Impersonates State CDC Drinking Water Program.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
A recent post by Google Cloud’s Mandiant discusses the how the global revival of hacktivism requires increased vigilance from defenders. This increased vigilance includes defenders of the water and wastewater systems sector, as it has seen multiple attacks from the modern hacktivist classification of threat actors in recent months.
CISA has released the latest version of its Secure Tomorrow Series Toolkit, which is a diverse array of interactive and thought-provoking products designed to assist critical infrastructure stakeholders in the identification of emerging risks and the development of risk management strategies.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
