30.9 F
Washington D.C.
Friday, January 17, 2025

OIG: EPA Must Address Cybersecurity Risks in U.S. Drinking Water Systems to Protect Public Health and Economy

The Environmental Protection Agency’s (EPA) Office of Inspector General (OIG) has issued a Management Implication Report raising significant cybersecurity concerns for drinking water systems across the United States. The findings highlight vulnerabilities that pose risks to public health, critical infrastructure, and economic activity, urging immediate attention and action to fortify cybersecurity in this essential sector.

The OIG’s analysis reveals that 97 drinking water systems serving over 26.6 million people were identified as having critical or high-risk cybersecurity vulnerabilities. Additionally, 211 other systems, serving over 82.7 million people, were flagged for medium to low-risk concerns. These vulnerabilities include weaknesses in email security, IT hygiene, and other critical cyber defenses, leaving these systems open to potential exploitation by malicious actors.

The report stresses the devastating potential of a cyberattack on drinking water systems, citing economic losses that could reach tens of billions of dollars daily. For example, a single day of disruption to Charlotte Water, which serves 890,000 people, could result in $132 million in lost revenue and replacement costs exceeding $5 billion. Similarly, a statewide disruption in California’s State Water Project could lead to $61 billion in daily economic losses.

Among its findings, the report underscores a lack of a centralized cybersecurity incident reporting system within the EPA, with the agency currently relying on the Cybersecurity and Infrastructure Security Agency (CISA) for such reports. Furthermore, the OIG identified insufficient policies and procedures for coordinating responses to cybersecurity incidents and recommended that the EPA develop a national cybersecurity strategy tailored to the water and wastewater sectors.

The report calls on the EPA to take decisive steps to address these challenges, including developing better oversight mechanisms, enhancing sector-wide risk assessments, and fostering partnerships with state and local authorities to improve compliance and resilience.

Read the full report here.

Matt Seldon
Matt Seldon
Matt Seldon, BSc., is an Editorial Associate with HSToday. He has over 20 years of experience in writing, social media, and analytics. Matt has a degree in Computer Studies from the University of South Wales in the UK. His diverse work experience includes positions at the Department for Work and Pensions and various responsibilities for a wide variety of companies in the private sector. He has been writing and editing various blogs and online content for promotional and educational purposes in his job roles since first entering the workplace. Matt has run various social media campaigns over his career on platforms including Google, Microsoft, Facebook and LinkedIn on topics surrounding promotion and education. His educational campaigns have been on topics including charity volunteering in the public sector and personal finance goals.

Related Articles

HTA Month Jan 2025

Latest Articles