Cybersecurity Alert December 2, 2022

The Water Quality Control Division is sending out the following advisory in partnership with the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of the Health and Human Services (HHS). The original joint Cybersecurity Advisory was released on November 17th, 2022, with technical details associated with Hive ransomware variants identified through FBI investigations as recently as November 2022.

EPA/CISA/DHS Cybersecurity Alert December 1, 2022

From June 2021 through at least November 2022, threat actors have used Hive ransomware, which follows the Ransomware-as-a-Service (RaaS) model, to target a wide range of businesses and critical infrastructure sectors including the water and wastewater industry.

The EPA recommends that all drinking water and wastewater utilities take the following mitigation actions:

• Prioritize remediating known exploited vulnerabilities.
• Enable and enforce multi factor authentication with strong passwords.
• Close unused ports and remove any application not deemed necessary for day-to-day operations.
• Follow the steps outlined in the joint Cybersecurity Advisory to protect your organization from a potential Hive ransomware attack.

Where to report suspected or actual ransomware attacks:

• CISA.
• FBI.
• CDPHE.

Thank you for all that you do to protect the public health and environment of your communities!

Contact

Please contact us with any questions at This email address is being protected from spambots. You need JavaScript enabled to view it..

cdphe.colorado.gov/water-quality

‌ ‌