Arkansas City, Kansas, has confirmed that its water treatment facility experienced a cybersecurity incident on September 22 2024, prompting a temporary switch to manual operations. Local authorities were notified immediately, and cybersecurity experts are working to restore the facility’s automated systems.
Writing in an advisory on Sunday, City Manager Randy Frazer emphasized that the incident has not disrupted water services or compromised water quality.
“Despite the incident, the water supply remains completely safe, and there has been no disruption to service. Out of caution, the Water Treatment Facility has switched to manual operations while the situation is being resolved,” Frazer stated. He also reassured residents that the city fully controls the water system.
Though details of the incident have not been fully disclosed, there are indications that the attack may have involved ransomware, as the decision to switch to manual operations often follows attempts to contain such breaches. Enhanced security protocols have been implemented to safeguard the city’s water supply.
Arkansas City officials have engaged cybersecurity professionals and informed relevant authorities to mitigate the situation. The city has also affirmed that no water quality or service changes are expected as the investigation continues.
Read more on ransomware attacks: Can Antivirus Detect Ransomware
This incident highlights the growing vulnerability of public utilities, especially in the water sector, which has become an increasing target for cyber-attacks. Efforts to bolster cybersecurity resilience across US water facilities are ongoing, with government agencies taking active steps to prevent future breaches.
Companies in the water sector should implement comprehensive cybersecurity strategies to protect themselves from such breaches. Key steps include regular security assessments, employee training on phishing and social engineering, robust data encryption, and the adoption of multi-factor authentication (MFA) to secure access.
Additionally, keeping software systems up to date and establishing incident response plans can help utilities quickly respond to and mitigate attacks.
Infosecurity has contacted Arkansas City for further details and will update this article with new information if and when it becomes available.
Source: Infosecurity Magazine
Latest News:
- #CyberMonth: Software Updates, A Double-Edged Sword for Cybersecurity Professionals
Software updates are critical in protecting systems from cyber threats and providing new and improved functionality to software products. They are necessary to patch vulnerabilities that can be exploited by malicious actors, ensuring that systems remain secure. Software updates are one of the four pillars of the 2024 International Cybersecurity Awareness Month campaign. As part … - Universal Music Group Admits Data Breach
Universal Music Group (UMG), one of the world’s largest music corporations, disclosed a data breach in mid-July 2024. According to a filing with the Maine Attorney General’s Office, the breach may have exposed the personal information of 680 US residents. In the filing, UMG said it detected unauthorized activity in one of its internal applications on July 15, … - Sellafield Fined for Cybersecurity Failures at Nuclear Site
Sellafield Ltd. has been fined £332,500 ($437,440) for cybersecurity failures at the Sellafield nuclear facility in Cumbria, North-West England. Westminster Magistrates Court issued the fine following a prosecution brought by the Office for Nuclear Regulation (ONR), the UK’s independent nuclear regulator. Sellafield Ltd has also been ordered to pay prosecution costs of £53,253.20 ($70,060). The offences …
