Attention: Action may be required. If your utility uses affected versions (9.x and 22.x) of Ivanti Connect Secure and Policy Secure Gateways, please have systems administrators address promptly.
For months, WaterISAC has been tracking and sharing various developments regarding Chinese state-affiliated actors, Volt Typhoon and the threat this group’s tactics pose to U.S. critical infrastructure, including water and wastewater infrastructure. Earlier today, Reuters published an exclusive report highlighting recent U.S. government actions to fight this pervasive threat. WaterISAC is providing this developing situation for awareness and will continue to track and report accordingly.
Today, CISA and the EPA jointly released a Water Sector Cybersecurity Toolkit to aid water and wastewater sector stakeholders in bolstering their cybersecurity preparedness. The toolkit can help water and wastewater utilities build their cybersecurity foundation and progress to implement more advanced, complex tools to strengthen their
Update to include key witnesses:
CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – January 30, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Two Industrial Control Systems Advisories
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
Forescout Research – Vedere Labs published its Global Threat Roundup Report for 2023 which included key findings related to OT/ICS infrastructure. Most notable were several OT protocols, of which five were listed as constant targets and made up 98% of OT-related attacks. These five include Modbus, Ethernet/IP, Step7, DNP3, and IEC10X.
Water utility giant, Veolia North America, is the latest victim of a ransomware attack adding to the recent spate of cyber attacks impacting entities across the water and wastewater systems sector. As the investigation ensues, it appears the attack was limited to the company’s internal back-end servers and affected its bill payment systems. While Veolia has stated that there is “no evidence to suggest it affected our water or wastewater treatment operations,” experts and investigators are still assessing the full extent of the attack’s impact.
WaterISAC convened its monthly Water Sector Cyber Resilience Briefing on January 24. Dawn Cappelli, Director of OT-CERT, and Gus Serino, OT-CERT/I&C Secure, Inc., presented.
Agenda - Do You Struggle with OT/ICS Cybersecurity or Just Need a Sanity Check?
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
