The EPA has training material and courses which can help improve your waterworks cybersecurity found here.
Category: Cybersecurity
Cyber Incidents Involving Cityworks Software
EPA is issuing this alert to inform water and wastewater system owners and operators of cyber incidents involving Cityworks Software. The Cityworks (owned by Trimble) platform is used widely by State, Local, Tribal, and Territorial municipalities, including water and wastewater systems. Read more about this alert here.
Iran Conflict is Increasing the Likelihood of Low-Level Cyberattacks Against US Networks
The U.S. EPA is issuing this alert to inform water and wastewater system owners and operators of the need for increased vigilance for potential cyber activity in the United States due to the current geopolitical environment. More information can be found here.
Microsoft Sharepoint Vulnerabilities
The U.S. EPA is issuing this alert to inform water and wastewater system owners and operators of the need for increased vigilance surrounding the use of Microsoft SharePoint. While the scope and impact continue to be assessed, the chain, publicly reported as “ToolShell,” provides unauthenticated access to systems and authenticated access through network spoofing, respectively, and enables malicious actors to fully access SharePoint content, including file systems and internal configurations, and execute code over the network. See a full update regarding this release on the CISA’s Webpage.