EPA Says 300 Drinking Water Systems Vulnerable

The EPA tested 1,062 drinking water systems that server over 193 million Americans.

That is about 60 percent of the population.

However, there are 149,000 drinking water systems in the United States.

So that is about 0.7 percent of all of the drinking water systems in the US. A lot of them serve really small groups of people. Together, those 148,000 systems serve maybe 125 million Americans, so that is quite relevant.

The tests were passive so the numbers are probably much worse. The tests checked email security, IT hygiene, vulnerabilities, adversarial threat and malicious activity and rated the weaknesses from critical to low based on potential impact.

As of last month, 97 of those systems, which serve 27 million people, contained critical and high severity vulnerabilities.

An additional 211 drinking water systems covering about 80 million people had medium and low severity problems.

This comes a month after New Jersey-based American Water, which services more than 14 million people in 14 states and on 18 military installations, was hacked and forced it to shut down certain systems.

In May, the EPA warned that over 70 percent of drinking water systems had critical security weaknesses.

The EPA tried to improve cybersecurity at these facilities over the last few years, but it turns out some people think it is better to let these systems remain vulnerable. They said that the EPA doesn’t have the authority to address cybersecurity, only the water itself. This is probably, legally, accurate, but puts a lot of the American population at risk.

It is highly likely that the next administration is not going to focus on fixing these problems. The Russians, Chinese and hackers in general appreciate this and likely will use it to their advantage.

Consider filtering your water.

Credit: Security Week

by