Experts say cyberattacks are on the rise, especially with recent developments we've seen in artificial intelligence.
There have been numerous attacks on city government, local agencies, and school districts in North Texas in just the last year and now there's a new warning from the federal government about a specific attack that could impact water systems.
The Biden administration sent out a warning letter to all U.S. governors about hackers targeting water and wastewater systems across the country. They say these attacks are already happening and are coming specifically from state-sponsored hacking groups in Iran and China.
“That made me stand up and say, this is a credible thread, they know something,” said David Malicoat, a Dallas-based cybersecurity expert and host of The Professional CISO podcast.
Get top local stories in DFW delivered to you every morning. Sign up for NBC DFW's News Headlines newsletter.
A CISO, or Chief Information Security Officer, is a senior-level executive who oversees an organization's information, cyber, and technology security. Malicoat said those roles will become more and more important among local municipalities, which need to be on high alert due to the trends seen in recent hacking attacks.
"The local community governments are not necessarily as well protected as federal or commercial entities. Therefore, we're seeing those be targeted more recently – [hackers] can pull that data and typically use it in other places as well to do further attacks,” he said. “I think we have thousands of water districts across the United States – 80% of them are considered small, meaning not well-resourced. They typically don't have full-time cybersecurity staff.”
Local
The latest news from around North Texas.
Malicoat said when it comes to water systems, hackers can infiltrate technical operations and even impact access to water. He said in the past, threat actors have been able to break into systems and take over remote access that could manipulate machinery.
“Much like we've had several over the last three years, none of them got to the point where they were critical as far as harm to anyone,” he said. “But there was one, I believe in Pennsylvania, where hackers dumped around up to 1,000 times the amount of water treatment in the water. And it was caught before anything happened.”
NBC 5 reached out to the water departments in both Dallas and Fort Worth about the warning from the federal government.
The City of Dallas water utilities said they are well aware as they routinely monitor advisories and their systems.
“The City of Dallas actively monitors 24/7 the prevailing global threat landscape by leveraging cyber professional organizations and federally supported entities such as MS-ISAC and MS-ISACWater,” said Jennifer Brown, interim assistant director of communications for the city of Dallas, in an emailed statement to NBC 5. “It actively engages in discussions led by local, state, and federal authorities regarding cyber threats and potential actions. Additionally, the city remains updated on legislation and funding that may affect its responsibilities in safeguarding critical infrastructure.”
Brown said the city of Dallas has not experienced any cyber breaches on critical infrastructure to date.
“Through the implementation of best practices such as National Institute of Standards and Technology (NIST) guidelines and other leading cyber methods, vigilant monitoring, and proactive engagements have worked to safeguard the city’s critical infrastructure from cyber threats. Furthermore, the city of Dallas remains committed to maintaining the highest standards of current cybersecurity controls to ensure the continued resilience and integrity of our critical resident services,” she said in the statement.
The water department for the city of Fort Worth is also on alert for the specific alert about cyberattacks. The city said it has not experienced a cyber breach on water operations.
“The city, including the water utility, take cybersecurity threats quite seriously and do many things to protect our systems,” said Mary Gugliuzza, media relations coordinator for the Fort Worth water utility. “The Fort Worth Water Utility continually strengthens our cybersecurity posture and preparedness using a defense-in-depth layered approach that complies with federal, state, and water industry guidelines and best practices.”
While the city participates in a number of trainings every year, the department would not elaborate on specific protocols for security purposes.
“The utility also participates in the Water Information Sharing and Analysis Center, which just issued revised guidelines. The utility is currently reviewing those guidelines and will implement any revised recommendations,” said Gugliuzza. “We will not go into details of our processes, but we have numerous protocols in place. The water utility conducts regular vulnerability assessments and implements recommended mitigation tactics where appropriate.”
CYBER-ATTACKS COULD INCREASE
Malicoat said when it comes to cyberattacks, money is a huge factor for these hacker groups, especially in ransomware attacks that involve personal or sensitive data. Hackers will either steal that data and threaten to release it if the money isn’t paid, or they will put an encryption on the data within the system itself and threaten to delete it if the ransom isn’t fulfilled.
Just last week, the Tarrant Appraisal District was hit with a criminal ransomware attack demanding $700,000.
This month, nearly 2,100 people at UT Southwestern Medical Center were affected by a data security breach that included medical and health insurance information, addresses and dates of birth.
Dallas County also reported a cybersecurity incident in January.
Meanwhile, the city of Dallas is still recovering from the high-profile ransomware attack that crippled its systems last year and forced the city to spend over $8 million in recovery efforts.
Malicoat warns attacks are likely to increase as technology improves and because it's an election year.
"You're going to hear more, you're going to see more, and it's going to seem like the world's gone a little crazy when it comes to cybersecurity or cyberattacks. And they're doing that on purpose. They want us to have that fear, uncertainty and doubt,” he said.
Entities, he said, will also need to invest more money into securing their systems to prevent a breach.
"Ten to 15 years ago, it was the large companies that were getting attacked. And then the large companies responded by getting their maturity levels up and getting their cybersecurity much better. In turn, now the threat actors are looking for different places. And again, they're looking for the most vulnerable and that leads them down this path to maybe some of these municipal and county governments," Malicoat said.
PROTECTING YOURSELF
So what can the rest of us do to protect ourselves?
Malicoat said a good place to start is changing our passwords to important accounts. Don't re-use passwords.
“I know that's difficult because in the end, how do I remember all those passwords? Now there are tools out there – password keepers or password vaults — that are either very low cost or even free and reputable. You can not only store your passwords, but they'll also generate passwords for you and remember them,” he said.
Some reputable password keepers include 1Password, Keeper, and LastPass.
Multi-factor authentication, which allows you to confirm a login through an additional method like a text, push alert or email, is key.
“I can say in our world and in cybersecurity, we head off a whole lot of attacks through multifactor authentication,” said Malicoat.
The federal government also has a program and website to help educate organizations and individuals on cybersecurity threats.
Additionally, the U.S. Department of Homeland Security lists some core behaviors to follow when it comes to the cyber-space:
- Never click on links in emails
- Never open attachments
- Do not give out personal information
- Pay close attention to website URLs
- Be suspicious of any unknown emails or text messages