There are about 156,000 public water systems providing safe and clean water to about 300 million Americans. Disruption of these systems would likely bring the affected areas to a standstill, causing severe risks to health and safety as well as much economic loss. For this reason, our federal government provides some protection for these facilities. Since 9/11, the EPA has been developing new security technologies to detect and monitor water contaminants. Law enforcement has been working on preventing security breaches at the reservoirs and watersheds which supply our water systems. Security advocates say if contaminants can be detected early enough, they can be prevented from reaching consumers. If not, our water treatment plants must be able to quickly communicate warnings to their customers. In addition to intentional releases, our water supplies can also be contaminated by naturally occurring chemicals and minerals such as radon, uranium and arsenic. Contaminates from urban, factory, and farm pollution are threats as well.

However, advocates are most worried that our water systems may be vulnerable to sabotage. The primary cyber threats to water systems involve attacks on Industrial Control Systems, and Operational Technology, as well as general IT attacks like ransomware, which can lead to service disruptions, public health risks, and data theft. Disruptions could be caused by hackers manipulating control and operation systems to adjust the dosage of treatment chemicals to hazardous or ineffective levels to contaminate of the water supply and cause public health crises. They could also manipulate or damage pumps and valves to disrupt water flow, causing service outages, or make water tanks overflow.

Pending Legislation: H.R.2344 - Water ISAC Threat Protection Act
Sponsor: Rep. Janice Schakowsky (IL)
Status: Referred to the House Committees on Transportation and Infrastructure, and Energy and Commerce, for a period to be subsequently determined by the Speaker
House Speaker: Speaker Mike Johnson (LA)