Drinking Water Security Response Toolbox

This toolbox is designed to help water utilities plan for, prevent, and guide responses to security threats including general malevolent acts, cyberattacks, tampering, and violent acts.

Preparing for malevolent acts

Malevolent acts, such as vandalism, tampering, violent acts, cybersecurity attacks, and terrorism attacks, pose a threat to water/wastewater utilities and are sometimes overlooked in Risk and Resilience Assessments as well as Emergency Response Planning efforts. Malevolent acts can affect your critical infrastructure by creating contamination events or by slowing or stopping your facility’s ability to function. This toolbox will help you prevent, detect, prepare for, and respond to tamping events and violent acts. 
  

Protecting against and responding to cybersecurity threats

Cybersecurity attacks, defined as assaults launched by cybercriminals using one or more computers against a single or multiple computers or networks, have recently increased. This toolbox will help you learn the basics of cybersecurity, how to protect your critical infrastructure, and how to respond to cybersecurity attacks. 

  • Take the following steps to prepare your system from a cyberattack: 
    1. Backup data, system images, and configurations and keep the backups offline.
    2. Regularly download updates and patches for your system from software manufacturers. 
    3. Make sure your security solutions (such as malware) are up to date.
    4. Review and exercise your incident response plan.
    5. Pay attention to ransomware events and apply lessons learned.
      1. Visit the Cybersecurity and Infrastructure Security Agency’s (CISA) National Cyber Awareness System website
      2. Join one of CISA’s Information Sharing Networks to help you stay informed
    6. Create, maintain and deliver cybersecurity training for employees 
  • Cybersecurity Resources: The department gathered resources to help your system prepare and respond to cybersecurity attacks. 
  • Guidance: Respond and Report Cyberattacks is a guidance document that can be used when your water/wastewater facility experiences a cybersecurity event. It outlines what steps to take, how to report the event, and what to expect after reporting the event.