"EPA and the agency’s inspector general are at odds over whether federal oversight is sufficient to ensure U.S. water operators are protected against hackers and other saboteurs.
EPA’s inspector general today released an audit, which found weaknesses in the agency’s oversight of thousands of water system operators, including a lack of accurate contact information, insufficient resources to get the job done, and a lack of clear and transparent communication with smaller systems that failed to comply.
The findings highlight a growing area of concern for critical infrastructure in the U.S. Last year, a hacker altered chemical levels at a water plant in Florida. In March 2019, a former worker at a Kansas water system threatened drinking water safety after using credentials that had not been revoked to remotely access a system computer, according to the EPA inspector general. And in 2018, a ransomware attack on the city of Atlanta disrupted city utilities, and workers at the city’s water system were unable to turn on their computers or gain wireless internet access."