(Ionut Arghire – SecurityWeek) – Arkansas City, a small city in Kansas, said its water treatment facility was forced to switch to manual operations while a cybersecurity incident is being resolved.
The incident, described by local media as a cyberattack, was discovered on the morning of September 22 and led to precautionary measures being taken “to ensure plant operations remained secure”, the city announced in an incident notice.
According to city manager Randy Frazer, the water supply has not been affected and the incident has not caused disruption to service.
“Despite the incident, the water supply remains completely safe, and there has been no disruption to service. Out of caution, the water treatment facility has switched to manual operations while the situation is being resolved,” Frazer said.
He also noted that the city has full control of the situation and reassured residents that the drinking water is safe.
Arkansas City says it has notified the relevant authorities of the incident and that they are working with cybersecurity experts to address the issue and return the facility’s operations to normal.
“Enhanced security measures are currently in place to protect the water supply, and no changes to water quality or service are expected for residents,” the city said.
While the city’s notification does not share further details on the incident, it appears that the water treatment plant might have fallen victim to a ransomware attack.
Switching to manual operations suggests that systems were shut down to contain the attack, which is the typical response to incidents involving ransomware.
SecurityWeek has emailed Arkansas City for additional information on the incident and will update this article as soon as a reply arrives.
US water facilities in the US have been facing increasing cyber threats in recent years, and the government has been taking steps to increase the water sector’s resilience to cyberattacks.
Water Treatment Facility in Arkansas City Switches to Manual Mode After Suspected Cyberattack
Arkansas City said a cybersecurity issue at its Water Treatment Facility on September 22, 2024 forced the facility to switch to manual operations.
Iran-Linked “Cyber Av3ngers” Hackers Compromise Control System at Pennsylvania Water Utility
Iran-Linked "Cyber Av3ngers" hackers compromised an industrial control system at the Municipal Water Authority of Aliquippa (MWAA) in Pennsylvania.
Russian Sandworm Hackers Target Ukraine’s Power Grid in Coordinated Cyber-Physical Attack
Russia’s Sandworm hackers disrupted power in Ukraine using a novel attack against operational technology (OT) coordinated with missile strikes.
Deep Dive: PIPEDREAM/Incontroller ICS Attack Framework
In this session, Mark Plemmons, Sr. Director for Threat Intelligence at Dragos, dives deep into the technical details and real-world impact on the modular ICS attack framework known as PIPEDREAM/Incontroller
Researchers Use IoT and IT to Deliver Ransomware Attack Against OT
Critical industries must prepare themselves for a new wave of ransomware attacks specifically targeting OT
Colonial Pipeline Still Mostly Offline After Ransomware Attack
The Colonial Pipeline is working on a restart plan after a ransomware attack triggered the company to halt all pipeline operations on May 7, 2021.
The Past & Future of Integrity Attacks in ICS Environments (Video)
Integrity-based attacks can produce significant impacts through undermining a physical process and calling into doubt the viability of a specific facility.
The Growing Threat of Drones
Drones are an increasing threat to industrial sites, enabling various attacks (cyber and physical) that historically were only possible in close proximity to a facility or device.
Side-Channel Attacks Put Critical Infrastructure at Risk
ICS Devices Vulnerable to Side-Channel Attacks: Researcher Shows (Eduard Kovacs - SecurityWeek) Side-channel attacks can pose a serious threat to industrial control systems (ICS), a researcher warned last month at SecurityWeek’s ICS Cyber Security Conference in Atlanta, GA. Demos Andreou, a lead engineer at power management company Eaton, has conducted an analysis of protection devices typically used in the energy sector, specifically in power distribution stations. Side-channel attacks can be used to extract data from a system based on information gained by observing
DHS Releases ICS-CERT 2016 Assessment Summary Report
By: Eduard Kovacs (SecurityWeek) - The assessments conducted by the U.S. Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) in 2016 showed that inadequate boundary protection has remained the most prevalent weakness in critical infrastructure organizations. ICS-CERT conducted 130 assessments in the fiscal year 2016, which is more than in any previous year. Monitor newsletters published by ICS-CERT this year show that it has already conducted 74 assessments in the first half of 2017. Assessments are offered to both government organizations and private sector companies