Connecting Waterpeople

Russian-linked hackers suspected in Texas water facility cyberattack

  • Russian-linked hackers suspected in Texas water facility cyberattack

About the entity


Experts from US firm Mandiant revealed on Wednesday that they believe a hacking group with ties to the Russian government is behind a cyberattack that caused a tank at a Texas water facility to overflow last January, reports the CNN.

This revelation comes amid heightened scrutiny over cybersecurity vulnerabilities in the wake of similar attacks on infrastructure facilities.

The small town of Muleshoe was not alone in facing cyber threats, as other municipalities in north Texas reported detecting suspicious cyber activity on their networks around the same time. The Federal Bureau of Investigation (FBI) has been actively investigating these incidents, according to town officials speaking to CNN.

This attack underscores a growing trend of hackers targeting sensitive industrial equipment to disrupt operations within the United States. Last November, a cyberattack on a water plant in Pennsylvania, attributed to Iran by US officials, highlighted the vulnerability of critical infrastructure to malicious cyber activities.

The recent incidents in Texas have prompted a public plea from US national security adviser Jake Sullivan for state officials and water authorities to bolster their cyber defenses. Sullivan, in a joint letter with the head of the Environmental Protection Agency, emphasized the urgent need for improved security measures against cyber threats facing water and wastewater systems across the country.

Concerns have been raised about the readiness of the approximately 150,000 public water systems in the US to effectively combat persistent hacking threats from criminal and state-sponsored actors.

Analysts remain uncertain whether the GRU directly orchestrated the cyberattack on Muleshoe's water facility or if other Russian-speaking hackers using the same persona were involved.

This revelation comes amid heightened scrutiny over cybersecurity vulnerabilities in the wake of similar attacks on infrastructure facilities

Although the incidents did not compromise the drinking water in the affected towns, the potential involvement of the GRU or its proxies would represent a concerning escalation in targeting critical infrastructure by a group historically associated with operations in Ukraine.

In Muleshoe, where approximately 5,000 residents reside, hackers exploited vulnerabilities in a remote login system for industrial software, allowing them to manipulate a water tank. City manager Ramon Sanchez disclosed that the tank overflowed for approximately 30 to 45 minutes before authorities intervened by disconnecting the compromised system and resorting to manual operations. Immediate measures were taken to replace the compromised software system and enhance network security.

“Water utilities are being abused by adversaries taking advantage of low-hanging fruit — vulnerable services directly accessible from the internet,” said Gus Serino, a water-sector cybersecurity expert who is president of security firm I&C Secure.

“Regulations have not required this low-hanging fruit to be addressed,” Serino told CNN. “This shows a pretty clear need to handle the basics.”

In October, the EPA was forced to rescind a key cybersecurity regulation for public water systems following a legal challenge from Republican attorneys general.

The EPA rule “could have put simple measures in place and prevented recent attacks on the water systems,” Anne Neuberger, deputy national security adviser for cyber and emerging technology at the White House, said in a statement to CNN on Tuesday. “But, we remain steadfast in our efforts to ensure Americans’ water systems are secure against cyber attacks, calling on owners and operators to lock their digital doors.”

The Biden-Harris administration, Neuberger added, has recently advised state officials on setting up security plans for protecting their water systems from hacks.

Subscribe to our newsletter

Topics of interest

The data provided will be treated by iAgua Conocimiento, SL for the purpose of sending emails with updated information and occasionally on products and / or services of interest. For this we need you to check the following box to grant your consent. Remember that at any time you can exercise your rights of access, rectification and elimination of this data. You can consult all the additional and detailed information about Data Protection.

Featured news