County Announcements

Monday, 05 December 2022 09:39

Cybersecurity Alert December 2, 2022

Written by

Cybersecurity Alert December 2, 2022

The Water Quality Control Division is sending out the following advisory in partnership with the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of the Health and Human Services (HHS). The original joint Cybersecurity Advisory was released on November 17th, 2022, with technical details associated with Hive ransomware variants identified through FBI investigations as recently as November 2022.

EPA/CISA/DHS Cybersecurity Alert December 1, 2022

From June 2021 through at least November 2022, threat actors have used Hive ransomware, which follows the Ransomware-as-a-Service (RaaS) model, to target a wide range of businesses and critical infrastructure sectors including the water and wastewater industry.

The EPA recommends that all drinking water and wastewater utilities take the following mitigation actions:

  • Prioritize remediating known exploited vulnerabilities.
  • Enable and enforce multi factor authentication with strong passwords.
  • Close unused ports and remove any application not deemed necessary for day-to-day operations.
  • Follow the steps outlined in the joint Cybersecurity Advisory to protect your organization from a potential Hive ransomware attack.

Where to report suspected or actual ransomware attacks:

Thank you for all that you do to protect the public health and environment of your communities!

Contact

Please contact us with any questions at This email address is being protected from spambots. You need JavaScript enabled to view it..

Stay informed

If you received this email from a colleague and are interested in subscribing to these notifications, please sign up using this form and select the topics that interest you.

If you are subscribed to other Water Quality email lists, you can update your preferences at any time using the link at the bottom of this email.

Contacts

CDPHE cybersecurity questions:

This email address is being protected from spambots. You need JavaScript enabled to view it.

Email general questions to: This email address is being protected from spambots. You need JavaScript enabled to view it.

cdphe.colorado.gov/water-quality

FacebookTwitter

Read 657 times Last modified on Monday, 05 December 2022 09:45