Arkansas City water treatment facility hit by cyberattack

While disruptions are limited, the attack on the water treatment facility highlights how the critical infrastructure sector remains a popular target for threat actors.

A cyberattack hit the water supply system of Arkansas City, Kan., on Sunday, but the effects appear to be limited for now.

Arkansas City's government disclosed a cybersecurity incident on Sunday that involved its water treatment facility but did not specify in the disclosure whether it was a cyberattack. While the incident did not cause service or water supply disruptions, the city government said it's still working to return the facility to normal operations.

The disclosure said the incident began early Sunday morning and that the city took precautionary measures to contain the incident. One measure included switching to manual operations. It also implemented "enhanced security measures," though it's unclear what those are.

While details are scarce, water treatment facilities have proven to be a popular target for attackers. CISA published an incident response guide with a section dedicated to water utilities in January that outlined best practices, technical support, forensics and malware analysis.

"City Manager Randy Frazer assured residents that the water supply remains completely safe and there has been no disruption to service," the city wrote in the disclosure. "Cybersecurity experts and government authorities are working to resolve the situation and return the facility to normal operations."

Shana Adkisson, Arkansas City communications director, later confirmed to KWCH 12 News that the incident was a cyberattack that impacted at least one of the facility's computers.

There's been an influx of cyberattacks reported against critical infrastructure and, specifically, the water and wastewater systems sector. In January, Boston-based Veolia North America disclosed it suffered a ransomware attack against its municipal water division. The water, energy and waste recycling management service said the incident affected some software applications and systems. The company also forced some systems offline, which disrupted customers' access to the billing system.

In December, utility company North Texas Municipal Water District also suffered a ransomware attack that affected its phone lines and computer network.

The Municipal Water Authority of Aliquippa, Pa., was hit by an Iranian nation-state threat actor known as "Cyber Av3ngers" in November. Subsequently, the department's water pressure regulator was compromised.

In 2021, 22-year-old Wyatt A. Travnichek was arrested for tampering with the Ellsworth County Rural Water District's public water system in Kansas. The former employee breached the computer system and manipulated controls to shut down processes at the facility.

Arielle Waldman is a news writer for TechTarget Editorial covering enterprise security.

Dig Deeper on Network security

Networking
CIO
Enterprise Desktop
Cloud Computing
ComputerWeekly.com
Close