HQ/EMEAFind out how we can help your business
A recent cybersecurity incident at a water treatment facility in Arkansas City, Kansas, has raised concerns regarding the safety and security of municipal water supplies. Located at the merging of the Walnut and Arkansas Rivers, this small city, which has a population of approximately 12,000, is reliant on these waterways for its drinking water.
Opened in February 2018, the Arkansas City water treatment facility cost $22 million and was designed with advanced technologies aimed at improving efficiency. It is projected to reduce operational and maintenance costs by up to 20%. However, the precise state of its cybersecurity measures has not been publicly disclosed, raising important questions about the adequacy of investments in securing critical infrastructure.
On September 22, the facility reported the cybersecurity breach in the water treatment facility, prompting immediate action to safeguard operations.
In a precautionary move, city officials shifted to manual operations to ensure the continued safety of the water supply. City manager Randy Frazer reassured residents that, despite the incident, their drinking water remains safe and that there has been no interruption in service.
Authorities are currently collaborating with cybersecurity experts to address the incident and return the facility to its normal operating procedures. There will not be any changes to the quality of the water or the services offered to households as a result of the increased security measures put in place to safeguard the water supply.
The decision to transition to manual operations has led to speculation about the importance of the situation. Security professionals have noted that such a measure typically indicates a higher level of risk. One expert highlighted a previous breach where manual operation was unnecessary, as effective containment strategies allowed the plant to continue functioning without disruption.
The challenges faced by industrial control systems in adapting to modern cybersecurity threats are well documented. Newer facilities, designed with enhanced connectivity, can inadvertently create vulnerabilities that older, more traditional systems do not face.
Experts advocate for the need to incorporate cybersecurity into the budgeting processes of local governments, urging the Environmental Protection Agency (EPA) and Congress to establish a comprehensive cybersecurity standard. As municipalities invest in new technologies and infrastructure, it is crucial that they also prioritise cybersecurity to protect these vital resources.
As the investigation continues and the facility works to regain normal operations, the incident underscores the critical importance of cybersecurity in safeguarding public infrastructure. Ongoing discussion and action are necessary to ensure that the security of water supplies is not overlooked amid technological advancements.
