Cyberattack on Arkansas city water treatment plant

Arkansas City, Kansas, experienced a cybersecurity incident at the water treatment plant on Sunday, September 22, 2024. Although the nature of the incident has not been fully disclosed, city officials stressed that the water supply remains safe and there were no disruptions. The cyberattack on Arkansas City's water treatment plant prompted the city to take precautionary measures and convert water treatment to manual control as part of its response.

Details of cyberattack on Arkansas city water treatment plant

In a statement shared through the city's official LinkedIn account, Arkansas city officials confirmed the issue began early Sunday morning. “The City of Arkansas experienced a cybersecurity issue at its water treatment plant early Sunday morning, September 22, 2024,” the post said. City Manager Randy Frazer assured residents that despite the incident, there was no threat to public health or water quality.

Frazer also stressed that the city wanted to maintain operations during the incident. “Despite the incident, the water supply remains completely safe and there have been no disruptions. Out of an abundance of caution, the water treatment plant has switched to manual operation while the situation is being resolved. Residents can be assured that their drinking water is safe and the city is operating under full control during this time,” Frazer explained.

Although the full extent of the cyberattack on Arkansas City's water treatment plant is not yet known, city officials have already engaged cybersecurity experts and government agencies to resolve the issue. In the meantime, Arkansas city government has implemented enhanced security measures to protect the water treatment plant from further intrusions.

Currently, efforts are focused on restoring the plant's automated operation, but no changes in water quality or service interruptions are expected for the city's residents.

Cybersecurity threats to water utilities are increasing

This cyberattack on the Arkansas City water treatment plant came amid growing concerns about the vulnerability of U.S. water utilities to cyberattacks. Cybersecurity breaches targeting critical infrastructure, particularly water treatment plants, have increased in frequency and severity across the country. Earlier this year, the Environmental Protection Agency (EPA) issued a warning that water utilities, especially smaller ones, are increasingly becoming targets of cyberattacks by malicious actors, including state-sponsored hackers.

According to a recent report from the U.S. Environmental Protection Agency (EPA), approximately 70% of utilities audited last year were found to be violating cybersecurity standards designed to prevent breaches or other forms of unauthorized access. The EPA has urged water systems, including smaller and rural facilities, to immediately improve their cybersecurity measures. These incidents pose significant risks, not only to water supplies, but also to public health and safety.

One of the most concerning developments involves foreign cybercriminals. Recent attacks have come from groups with ties to Russia and Iran that have targeted smaller and more vulnerable water utilities in the U.S. These groups have particularly focused on disrupting critical infrastructure in rural or sparsely populated areas, which often have fewer resources to implement advanced cybersecurity protocols.

Response to foreign cyberattacks

In August 2024, the U.S. State Department announced that six Iranian government hackers were responsible for a series of cyberattacks on U.S. water utilities in the fall of 2023. These hackers have been linked to various cyber operations against critical infrastructure, and in response, the U.S. has increased efforts to track and disrupt such activities. The State Department's Rewards for Justice program is now offering up to $10 million for information leading to the identification or location of these six hackers.

The program specifically targets individuals engaged in malicious cyber activities under the control of foreign governments, with a focus on activities that violate the Computer Fraud and Abuse Act and threaten U.S. infrastructure, such as water treatment plants.

Similar cybersecurity incidents in Wichita

The cyberattack on the Arkansas city water treatment plant came just months after a major cyberattack on the city of Wichita, Kansas, in June 2024. The attack in Wichita disrupted several city services, including water metering, billing, and payment processing systems. Although most publicly accessible systems have since been restored, the recovery process was lengthy, and some services are still being gradually brought back online.

Wichita City Council has reported progress in recovering from the attack, saying water billing and payment systems have returned to normal operations. Customers can now pay their bills in a variety of ways, including through online portals, by phone or in person. However, due to the disruption, some residents may receive June bills that cover more than 60 days of service. Wichita has offered additional support to customers struggling with larger bills and encouraged them to set up payment plans.

Going forward, water systems across the country, regardless of size, must prioritize cybersecurity as part of their overall operations to protect both infrastructure and public health.

At this time, Arkansas City residents can rest assured that their water supply is not affected. The city government is working with cybersecurity experts to resolve the incident and ensure that any vulnerabilities in the system are fixed.

Related