Cyber attack on water treatment plant

In my previous blog, I described how and why it is important for critical agencies to ensure that they are secure from cyber threats. If you have not read it, I strongly suggest you do, because another cyber attack has taken place in which a malicious actor targeted critical infrastructure, and this time it is the Ellsworth water plant in Kansas.

It is worth mentioning that this is not the first time cyber criminals have targeted a water supply system. A similar incident occurred when cyber criminals tried to poison a water plant in Florida, USA.


Cyber Attack on Water Treatment Plant in Ellsworth (Kansas)

A former worker of a water treatment plant in Ellsworth, Kansas (USA) remotely accessed a Post Rock Water District computer system to shut down the cleaning and disinfecting processes. Notably, shutting down the water cleaning and disinfection processes leaves the water contaminated with unwanted chemicals and biological agents. Such cyber attacks on water utilities can seriously damage public health on an unimaginable scale.


This Has a Background

In 2018, the US Department of Homeland Security (DHS) and the FBI came out with a warning that the Russian government is specifically targeting critical infrastructure in the US, especially the water supply system. The US government decided to form the Cybersecurity and Infrastructure Security Agency (CISA) in the same year to protect critical infrastructure from cyber threats.

In line with the efforts to deal with the cyber security challenges facing the US, the Biden administration has also announced that they are launching an ‘urgent initiative’ to improve the cyber security in the country. This also includes a proposal to increase CISA’s budget by 30% as part of the COVID-19 relief package.


Improving the Cyber Security Outlook of Critical Agencies

An article published by Duo mentioned that, in the cyber attack on the water treatment plant in Florida, the computers connected to the control systems ran the outdated Windows 7 operating system. Moreover, all the computers used the same password for remote access and lacked firewall protection.

However, the cyber attack on Ellsworth’s water plant was different. The former worker, the perpetrator in this case, used to access the computers for plant monitoring purposes. At the time of his departure, his access credentials were not revoked. This is where the plant authorities committed a blunder.
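The Ellsworth failure, credentials left active after an employee's departure, can be caught with a routine audit. The script below is an added example, not taken from either incident: it cross-checks an HR roster against the remote-access account list and login log, and goes slightly further by also flagging accounts with no named owner. All usernames, dates, IP addresses and CSV layouts are constructed assumptions.

```python
import csv
import io
from datetime import date, datetime

# Constructed sample data (not from the incident): HR roster, remote-access
# account list, and remote login log.
HR_ROSTER = """username,departure_date
asmith,
bjones,2024-01-15
cdoe,2023-11-30
"""
REMOTE_ACCOUNTS = """username,enabled
asmith,true
bjones,true
cdoe,false
shared_ops,true
"""
REMOTE_LOGINS = """timestamp,username,source_ip
2024-03-20T08:01:11,asmith,198.51.100.4
2024-03-27T22:14:05,bjones,203.0.113.7
2023-11-01T09:00:00,cdoe,198.51.100.9
"""

def rows(text):
    return list(csv.DictReader(io.StringIO(text)))

def audit_remote_access(roster_csv, accounts_csv, logins_csv):
    """Return sorted (username, finding) tuples for accounts needing action."""
    departed = {r["username"]: date.fromisoformat(r["departure_date"])
                for r in rows(roster_csv) if r["departure_date"]}
    known = {r["username"] for r in rows(roster_csv)}
    findings = set()
    for acct in rows(accounts_csv):
        user, enabled = acct["username"], acct["enabled"] == "true"
        if user not in known:
            # No named owner: nobody's departure will ever trigger revocation.
            findings.add((user, "no owner in HR roster"))
        elif user in departed and enabled:
            findings.add((user, "still enabled after departure"))
    for login in rows(logins_csv):
        user = login["username"]
        when = datetime.fromisoformat(login["timestamp"]).date()
        if user in departed and when > departed[user]:
            findings.add((user, "login after departure"))
    return sorted(findings)

if __name__ == "__main__":
    for user, finding in audit_remote_access(HR_ROSTER, REMOTE_ACCOUNTS, REMOTE_LOGINS):
        print(f"{user}: {finding}")
```

Run on a schedule, a check like this turns a missed offboarding step into a finding within a day instead of an incident months later.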

These two cases present us with lessons to be learned. However, other than this, there are some cyber security best practices that can help in avoiding mishaps. Some of them are mentioned below:


  1. Awareness
    Cyber security awareness should be the foundation of an organization’s cyber security policies. In this regard, every enterprise, small or big, should opt for security awareness tools for generating and improving the overall cyber security awareness in their organization.

    ThreatCop is one such cyber security awareness tool that uses simulation and awareness content for educating the employees of an organization about cyber security. This tool can help you reduce the cyber security risks originating from employee negligence in your organization by up to 90%.


  2. Strong Password Policy in the Organization
    Organizations should encourage the use of strong passwords to protect their control systems and information from unauthorized access. Employees should be told to create a strong password that combines upper and lower case letters, numbers, and symbols. Moreover, it is mandatory to make them aware of the need for a unique password for each account or file.




  3. Use Multi-Factor Authentication (MFA)
    Using MFA is an added protection for your access credentials. It adds an extra layer of protection for your data, even if you have mistakenly given away your credentials on a fake landing page or in an email. SMS/Email Token Authentication can be used for this purpose.


  4. Conducting Vulnerability Assessment and Penetration Testing (VAPT)
    It is essential for organizations to know and patch their cyber security vulnerabilities, and conducting VAPT is the best way to find the gaps in the cyber security infrastructure of your organization.


  5. Using Phishing Incident Response Tool
    As emails have become one of the most used media for sending malicious content, organizations should consider using Phishing Incident Response Tools such as Threat Alert Button (TAB). This tool helps in the early detection and removal of phishing emails from the inbox of employees.



As the world becomes more digital, cyber attackers are waiting for an opportunity to pounce. Therefore, it is now more important than ever for enterprises to take steps to chart out a holistic cyber security policy.

According to you, what role does cyber security awareness play in the overall threat posture of the organization?

