Written by 6:30 am Security News

Cybersecurity Incident Affects Arkansas City Water Treatment Facility

Hackers target Arkansas City water treatment plant

Arkansas City, Kansas, has confirmed that its water treatment facility experienced a cybersecurity incident on September 22 2024, prompting a temporary switch to manual operations. Local authorities were notified immediately, and cybersecurity experts are working to restore the facility’s automated systems.

Writing in an advisory on Sunday, City Manager Randy Frazer emphasized that the incident has not disrupted water services or compromised water quality.

“Despite the incident, the water supply remains completely safe, and there has been no disruption to service. Out of caution, the Water Treatment Facility has switched to manual operations while the situation is being resolved,” Frazer stated. He also reassured residents that the city fully controls the water system.

Though details of the incident have not been fully disclosed, there are indications that the attack may have involved ransomware, as the decision to switch to manual operations often follows attempts to contain such breaches. Enhanced security protocols have been implemented to safeguard the city’s water supply.

Arkansas City officials have engaged cybersecurity professionals and informed relevant authorities to mitigate the situation. The city has also affirmed that no water quality or service changes are expected as the investigation continues.

Read more on ransomware attacks: Can Antivirus Detect Ransomware

This incident highlights the growing vulnerability of public utilities, especially in the water sector, which has become an increasing target for cyber-attacks. Efforts to bolster cybersecurity resilience across US water facilities are ongoing, with government agencies taking active steps to prevent future breaches.

Companies in the water sector should implement comprehensive cybersecurity strategies to protect themselves from such breaches. Key steps include regular security assessments, employee training on phishing and social engineering, robust data encryption, and the adoption of multi-factor authentication (MFA) to secure access.

Additionally, keeping software systems up to date and establishing incident response plans can help utilities quickly respond to and mitigate attacks.

Infosecurity has contacted Arkansas City for further details and will update this article with new information if and when it becomes available.

Source: Infosecurity Magazine

Latest News:

  • Sellafield Fined for Cybersecurity Failures at Nuclear Site
    Sellafield Ltd. has been fined £332,500 ($437,440) for cybersecurity failures at the Sellafield nuclear facility in Cumbria, North-West England. Westminster Magistrates Court issued the fine following a prosecution brought by the Office for Nuclear Regulation (ONR), the UK’s independent nuclear regulator. Sellafield Ltd has also been ordered to pay prosecution costs of £53,253.20 ($70,060). The offences …
  • Ransomware Attack Forces UMC to Divert Emergency Patients
    The University Medical Center (UMC) Health System in Lubbock, Texas, has confirmed a ransomware attack that disrupted its IT infrastructure last week, forcing the diversion of emergency and non-emergency patients.  UMC, the only level 1 trauma centre within 400 miles, faced significant operational challenges, with phone systems down and the patient portal inaccessible. Despite this, …
  • British Hacker Charged in the US For $3.75m Insider Trading Scheme
    A British hacker accused of orchestrating a $3.75m insider trading scheme has been charged in the US. Robert Westbrook, 39, allegedly gained unauthorized access to corporate executives’ email accounts to profit from confidential financial information. US authorities arrested Westbrook last week in London, and he is awaiting extradition to face multiple charges, including securities fraud …