For member awareness, WaterISAC is passing along this CISA Live event titled “Boosting Water Sector Cybersecurity.” The event is being conducted tomorrow, February 7, from 11:30 AM -12:00 PM ET and hosted on LinkedIn Live.
WaterISAC is passing along this announcement regarding a hearing for members’ awareness. As indicated below, the hearing was open to the public and press and was live streamed. If you missed the live stream, members are encouraged to view the recording at House.gov.
WaterISAC has been made aware of a phishing campaign that occurred last month impersonating the Maine CDC Drinking Water Program (DWP). The fake emails were reportedly sent to all Maine water operators and requested that operators click on a link to “verify or update” their information in order to avoid having their license revoked. The attackers used the Maine.gov logo and the Division title in the email subject lines to make the message appear legitimate.
CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – February 6, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
A subcommittee hearing held yesterday on Ensuring Cybersecurity of America’s Drinking Water Systems, top water and wastewater systems sector trade officials expressed concerns to lawmakers that utilities are in urgent need of more government funding for cybersecurity training and resources.
Schneider Electric confirmed it fell victim to a ransomware attack on January 17 in its Sustainability Business division. The Cactus ransomware group has claimed responsibility. The attack resulted in theft of corporate data and disrupted some of the company’s Resource Advisor cloud platform.
Reminder: Action may be required if your utility uses affected versions of Ivanti Connect Secure and Policy Secure Gateways. Please have systems administrators address promptly, if they have not already.
Additionally, impacted utilities are strongly encouraged to conduct continuous threat hunting, regardless of the mitigations implemented and regardless of external or internal ICT results.
In Tuesday’s Security & Resilience Update, WaterISAC shared breaking news from Reuters regarding the U.S. Disruption of Chinese Threats to Critical Infrastructure, to include activity from the group tracked as Volt Typhoon. Yesterday, top U.S. officials confirmed that it disrupted a botnet run by the prolific Chinese government-aligned threat group.
CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – February 1, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
