{"id":226992,"date":"2024-10-18T11:52:52","date_gmt":"2024-10-18T18:52:52","guid":{"rendered":"https:\/\/zpesystems.com\/?p=226992"},"modified":"2024-10-18T11:53:00","modified_gmt":"2024-10-18T18:53:00","slug":"american-water-cyberattack-another-wake-up-call-for-critical-infrastructure","status":"publish","type":"post","link":"https:\/\/zpesystems.com\/american-water-cyberattack-another-wake-up-call-for-critical-infrastructure\/","title":{"rendered":"American Water Cyberattack: Another Wake-Up Call for Critical Infrastructure"},"content":{"rendered":"<p>[et_pb_section fb_built=&#8221;1&#8243; admin_label=&#8221;section&#8221; _builder_version=&#8221;4.16&#8243; custom_margin=&#8221;0px||||false|false&#8221; custom_padding=&#8221;0px||||false|false&#8221; da_disable_devices=&#8221;off|off|off&#8221; global_colors_info=&#8221;{}&#8221; da_is_popup=&#8221;off&#8221; da_exit_intent=&#8221;off&#8221; da_has_close=&#8221;on&#8221; da_alt_close=&#8221;off&#8221; da_dark_close=&#8221;off&#8221; da_not_modal=&#8221;on&#8221; da_is_singular=&#8221;off&#8221; da_with_loader=&#8221;off&#8221; da_has_shadow=&#8221;on&#8221;][et_pb_row admin_label=&#8221;row&#8221; _builder_version=&#8221;4.27.2&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221; width=&#8221;100%&#8221; custom_margin=&#8221;||0px||false|false&#8221; custom_padding=&#8221;0px||30px||false|false&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;4.16&#8243; custom_padding=&#8221;|||&#8221; global_colors_info=&#8221;{}&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_image src=&#8221;https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-scaled.jpg&#8221; alt=&#8221;Industrial water treatment plant with water&#8221; title_text=&#8221;Industrial water treatment plant with water&#8221; _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][\/et_pb_image][et_pb_text _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]The <a href=\"https:\/\/www.darkreading.com\/cyberattacks-data-breaches\/american-water-network-disruptions-cyberattack\"><strong>October 2024 cyberattack on American Water<\/strong><\/a>, one of the largest water and wastewater utility companies in the U.S., signals yet another wake-up call for critical infrastructure security. Because millions of people rely on this critical service for safe drinking water and sanitation, this attack highlights why it\u2019s so important to address cyber vulnerabilities.<\/p>\n<p>Let\u2019s trace the timeline of the attack, how it likely started, and the best practice architecture that could have mitigated or prevented the American Water cyberattack.[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; background_color=&#8221;#f4f4f4&#8243; width=&#8221;auto&#8221; custom_padding=&#8221;15px||||false|false&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_text _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; custom_padding=&#8221;30px|30px||30px|false|true&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<h2>Timeline of the October 2024 American Water Cyberattack<\/h2>\n<p>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; custom_padding=&#8221;15px|15px||15px|false|true&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<ul>\n<li><strong>Initial Intrusion<\/strong> (October 5, 2024)<br \/>The attack on American Water was first detected in early October, when cybersecurity monitoring tools flagged suspicious activity within the company&#8217;s IT systems. Employees reported an unusual system slowdown, and automated alerts indicated possible unauthorized access.<\/li>\n<\/ul>\n<p>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; custom_padding=&#8221;15px|15px||15px|false|true&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<ul>\n<li><strong>Rapid Escalation<\/strong> (October 6-7, 2024)<br \/>Within 24 hours of detection, the attackers had moved deeper into the company&#8217;s IT environment. In response, American Water initiated emergency protocols, including isolating key systems to prevent further damage. To contain the breach, critical operational technology (OT) systems \u2014 responsible for managing water treatment and distribution \u2014 were temporarily shut down<\/li>\n<\/ul>\n<p>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; custom_padding=&#8221;15px|15px||15px|false|true&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<ul>\n<li><strong>Public Notification and Response<\/strong> (October 8, 2024)<br \/>American Water notified federal authorities, including the Cybersecurity and Infrastructure Security Agency (CISA), state regulators, and the public. The company reassured customers that water quality had not been compromised, but certain automated operations had been affected, leading to temporary disruptions in water distribution.<\/li>\n<\/ul>\n<p>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; custom_padding=&#8221;15px|15px||15px|false|true&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<ul>\n<li><strong>Ongoing Recovery<\/strong> (October 2024 &#8211; Present)<br \/>As the investigation continued, third-party cybersecurity firms were brought in to assess the extent of the breach and assist in recovery. Manual operations were implemented in areas where automated systems were impacted. While the threat was contained, the company faced a lengthy process of system restoration and reconfiguration.<\/li>\n<\/ul>\n<p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; width=&#8221;auto&#8221; custom_padding=&#8221;15px||||false|false&#8221; border_color_top=&#8221;#78828A&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_text _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; custom_padding=&#8221;30px||||false|false&#8221; border_width_top=&#8221;1px&#8221; border_color_top=&#8221;#D6D6D6&#8243; global_colors_info=&#8221;{}&#8221;]<\/p>\n<h2>Impact of the Attack<\/h2>\n<p>The impact of the American Water cyberattack appears minimal. A class-action lawsuit was <a href=\"https:\/\/www.courierpostonline.com\/story\/news\/local\/south-jersey\/2024\/10\/18\/american-water-camden-lawsuits-seek-damages-due-to-hack\/75710560007\/\">recently filed<\/a> seeking $5-million in damages on behalf of affected customers, but this is the typical fallout that results from a breach. American Water did not shut down any treatment plants, and although they were forced to temporarily shut down their customer portal, pause billing, and revert to some manual processes, there were no water contamination or public health risks that came out of the attack. Per <a href=\"https:\/\/www.amwater.com\/corp\/security-faq\">American Water\u2019s FAQ page<\/a>, it seems business is nearly back to normal.<\/p>\n<p>However, this shouldn\u2019t diminish the need for utilities providers to shore-up their defenses and ensure resilience of their IT architectures. The <a href=\"https:\/\/industrialcyber.co\/utilities-energy-power-water-waste\/oldsmar-water-treatment-plant-incident-allegedly-caused-by-human-error-not-remote-access-cybersecurity-breach\/\">Oldsmar, Florida incident<\/a> is an example of how an error or breach can change water treatment chemistry (in this case, adding too much lye to the water supply) and poison a population. There have also been <a href=\"https:\/\/www.cbsnews.com\/news\/cyberattacks-on-water-systems-epa-utilities-take-action\/\">many attempts by U.S. adversaries<\/a> in which attackers were able to change water chemistry or disrupt automated operations.<\/p>\n<p>Government agencies like the EPA have been warning that attacks on water treatment utilities are increasing. Lawmakers are also calling for inspections of IT systems, such as to ensure best practices are being followed for managing passwords and keeping remote access from Internet exposure, and considering civil and criminal penalties for those who don\u2019t comply.[\/et_pb_text][et_pb_text _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; custom_padding=&#8221;30px||||false|false&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<h2>How the Attack Likely Happened<\/h2>\n<p>The American Water cyberattack is still under investigation. Specifics of how it occurred haven\u2019t been released, but several likely scenarios have emerged based on trends in similar attacks:[\/et_pb_text][et_pb_text _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; custom_padding=&#8221;15px|15px||15px|false|true&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<ul>\n<li><strong>Phishing or Social Engineering:<\/strong><br \/>\nEmployees may have unknowingly opened a malicious email attachment or clicked a harmful link, allowing attackers access to the internal network, similar to <a href=\"https:\/\/zpesystems.com\/breaking-down-the-2023-ragnar-locker-cyberattacks\/\">2023\u2019s Ragnar Locker attacks<\/a>. Water utilities and other public services often have large workforces, which makes them susceptible to phishing campaigns.<\/li>\n<\/ul>\n<p>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; custom_padding=&#8221;0px|15px|0px|15px|false|true&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<ul>\n<li><strong>Ransomware:<\/strong><br \/>There are indications that ransomware may have encrypted key files and systems, similar to what happened during the<a href=\"https:\/\/zpesystems.com\/dissecting-the-mgm-cyberattack-lions-tigers-bears-oh-my\"> MGM hack<\/a>. Ransomware attacks on critical infrastructure have increased in recent years, with attackers locking companies out of their own data and demanding payment to restore access.<\/li>\n<\/ul>\n<p>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; custom_padding=&#8221;0px|15px|0px|15px|false|true&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<ul>\n<li><strong>IT\/OT Integration Vulnerabilities:<\/strong><br \/>\nWater utilities often rely on a hybrid network where both information technology (IT) systems and operational technology (OT) systems are integrated to monitor and control water purification, distribution, and wastewater management. While this setup improves efficiency, it can also create additional vulnerabilities if the two environments are not properly segregated. Once attackers gain access to the IT network, they can use it as a bridge to reach OT systems, which are typically less secure.<\/li>\n<\/ul>\n<p>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; custom_padding=&#8221;0px|15px|0px|15px|false|true&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<ul>\n<li><strong>Internet-Facing Systems:<\/strong><br \/><span style=\"font-weight: 400;\">In the past, the Chinese-sponsored hacker group Volt Typhoon took advantage of firewalls that were connected both to the internet and to critical control systems. This approach also takes advantage of a lack of control plane segregation, as hackers can remote-in via internet-facing systems and gain management access to critical systems.<\/span><\/li>\n<\/ul>\n<p>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; custom_padding=&#8221;30px||||false|false&#8221; border_width_top=&#8221;1px&#8221; border_color_top=&#8221;#D6D6D6&#8243; global_colors_info=&#8221;{}&#8221;]<\/p>\n<h2>The Solution: Isolated Management Infrastructure (IMI)<\/h2>\n<p>As with the <a href=\"https:\/\/zpesystems.com\/the-crowdstrike-outage-how-to-recover-fast-and-avoid-the-next-outage\/\">global CrowdStrike outage<\/a>, the most important takeaway from the American Water cyberattack is that organizations need the ability to recover fast. Remote access solutions help with this, but it matters how these solutions are architected and which capabilities they offer.<\/p>\n<p>The traditional approach is to gain remote access via a direct link to the affected systems. The problem with this is that when these systems are breached, encrypted, or offline, it\u2019s impossible to remote-into them. This requires teams to physically connect to and revive systems (as with the CrowdStrike incident), or worse \u2013 completely replace their infrastructure, as Merck did during the 2017 NotPetya breach.[\/et_pb_text][et_pb_image src=&#8221;https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Traditional-remote-management-via-direct-link.png&#8221; alt=&#8221;Traditional remote management via direct link&#8221; title_text=&#8221;Traditional remote management via direct link&#8221; _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; max_width=&#8221;75%&#8221; module_alignment=&#8221;center&#8221; border_width_all=&#8221;1px&#8221; border_color_all=&#8221;#214C64&#8243; global_colors_info=&#8221;{}&#8221;][\/et_pb_image][et_pb_text _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; custom_padding=&#8221;30px||||false|false&#8221; global_colors_info=&#8221;{}&#8221;]Instead, organizations are turning to a best practice architecture that has been used by hyperscalers and large enterprises for years. This solution is called Isolated Management Infrastructure. IMI creates a management network that is connected to but completely independent of production network equipment, an architecture that resembles out-of-band (OOB) management. This gives teams a lifeline to their main IT and OT systems, including servers, switches, sensors, controllers, and other critical assets, even when their main systems are offline.[\/et_pb_text][et_pb_image src=&#8221;https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/IMI-is-a-lifeline-to-production-assets.png&#8221; alt=&#8221;IMI is a lifeline to production assets&#8221; title_text=&#8221;IMI is a lifeline to production assets&#8221; _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; max_width=&#8221;75%&#8221; module_alignment=&#8221;center&#8221; border_width_all=&#8221;1px&#8221; border_color_all=&#8221;#214C64&#8243; global_colors_info=&#8221;{}&#8221;][\/et_pb_image][et_pb_text _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; custom_padding=&#8221;30px||||false|false&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<h4>Here\u2019s how IMI and out-of-band management could have helped mitigate the effects of the American Water attack:<\/h4>\n<ul>\n<li><b> Enhanced Containment:<\/b> By isolating the network used for system control and monitoring, OOB management could have ensured that even if the primary network was compromised, attackers would not have been able to access or disable key operational systems. This would have limited the need to shut down OT systems and prevented widespread operational disruption.<\/li>\n<\/ul>\n<p>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; custom_margin=&#8221;||||false|false&#8221; custom_padding=&#8221;||||false|false&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<ul>\n<li><b> Faster Recovery:<\/b> With isolated management infrastructure, administrators would have been able to access critical systems remotely, even during the attack. This capability enables faster diagnosis of the issue and restoration of services without relying on compromised networks. In the case of a ransomware attack, for example, OOB management can help initiate recovery operations from backups, minimizing downtime.<\/li>\n<\/ul>\n<p>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<ul>\n<li><b> Reduced Attack Surface: <\/b>By creating an independent network with fewer access points and stricter controls, OOB infrastructure reduces the chances of attackers exploiting vulnerabilities. It\u2019s an additional layer of security that complicates attempts to breach sensitive control systems.<\/li>\n<\/ul>\n<p>[\/et_pb_text][et_pb_image src=&#8221;https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/09\/IMI-with-Nodegrid2.jpg&#8221; alt=&#8221;IMI with Nodegrid2&#8243; title_text=&#8221;IMI with Nodegrid2&#8243; _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; max_width=&#8221;75%&#8221; module_alignment=&#8221;center&#8221; border_width_all=&#8221;1px&#8221; border_color_all=&#8221;#214C64&#8243; global_colors_info=&#8221;{}&#8221;][\/et_pb_image][et_pb_text _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; custom_padding=&#8221;30px||||false|false&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<p>30-year cybersecurity expert James Cabe recently published a walkthrough of how to do this. Read his article, <strong><a href=\"https:\/\/zpesystems.com\/what-to-do-if-youre-ransomwared-a-healthcare-example\/\">What to do if you\u2019re ransomware\u2019d<\/a><\/strong>, to see how to deploy the Gartner-recommended Isolated Recovery Environment that lets you fight through an active attack.<\/p>\n<p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=&#8221;3_5,2_5&#8243; use_custom_gutter=&#8221;on&#8221; _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; background_color=&#8221;#214C64&#8243; width=&#8221;auto&#8221; custom_padding=&#8221;15px|15px|15px|15px|false|false&#8221; locked=&#8221;off&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_column type=&#8221;3_5&#8243; _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_text _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; text_font=&#8221;||||||||&#8221; text_text_color=&#8221;#FFFFFF&#8221; header_3_text_color=&#8221;#214C64&#8243; header_4_text_color=&#8221;#358AAF&#8221; custom_padding=&#8221;30px|15px|30px|15px|true|true&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<h2>Get the Blueprint for Building IMI<\/h2>\n<p>The American Water cyberattack is another wake-up call for critical infrastructure providers to rethink their cybersecurity strategies. Isolated Management Infrastructure is the key approach to retaining control during an attack, but requires the robust capabilities of Generation 3 out-of-band to ensure rapid recovery. To help utilities and essential services fortify their infrastructure, ZPE Systems recently created a blueprint for building IMI. Download the blueprint now to follow the best practices architecture and become resilient against cyberattacks.<\/p>\n<p>[\/et_pb_text][\/et_pb_column][et_pb_column type=&#8221;2_5&#8243; _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_image src=&#8221;https:\/\/zpesystems.com\/wp-content\/uploads\/2022\/11\/BlueprintPDF.png&#8221; alt=&#8221;BlueprintPDF&#8221; title_text=&#8221;BlueprintPDF&#8221; url=&#8221;https:\/\/zpesystems.com\/network-automation-blueprint\/&#8221; align=&#8221;center&#8221; _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; width=&#8221;50%&#8221; custom_padding=&#8221;30px||||false|false&#8221; global_colors_info=&#8221;{}&#8221;][\/et_pb_image][et_pb_button button_url=&#8221;https:\/\/zpesystems.com\/network-automation-blueprint\/&#8221; url_new_window=&#8221;on&#8221; button_text=&#8221;Download Blueprint&#8221; button_alignment=&#8221;center&#8221; _builder_version=&#8221;4.27.2&#8243; _module_preset=&#8221;default&#8221; button_font=&#8221;||||||||&#8221; global_colors_info=&#8221;{}&#8221;][\/et_pb_button][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The American Water cyberattack shows why resilience is key to critical services. Here&#8217;s how the attack unfolded and how to stop it.<\/p>\n","protected":false},"author":5,"featured_media":226995,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","content-type":"","footnotes":""},"categories":[74,32,87,88,103,156,101,84,93,82,83,99,80,90,134],"tags":[],"class_list":["post-226992","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-application-hosting","category-datacenter-management","category-data-center-resilience","category-failover-connectivity","category-improve-network-security","category-micro-segmentation","category-minimize-impact-of-disruptions","category-monitoring-reporting","category-network-automation","category-out-of-band-management","category-power-management","category-remote-network-management","category-simplify-branch-infrastructure","category-vendor-neutral-platform","category-zero-trust-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.0 (Yoast SEO v26.0) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>American Water Cyberattack: Another Wake-Up Call for Critical Infrastructure - ZPE Systems<\/title>\n<meta name=\"description\" content=\"The American Water cyberattack shows why resilience is key to critical services. Here&#039;s how the attack unfolded and how to stop it.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zpesystems.com\/american-water-cyberattack-another-wake-up-call-for-critical-infrastructure\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"American Water Cyberattack: Another Wake-Up Call for Critical Infrastructure\" \/>\n<meta property=\"og:description\" content=\"The American Water cyberattack shows why resilience is key to critical services. Here&#039;s how the attack unfolded and how to stop it.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zpesystems.com\/american-water-cyberattack-another-wake-up-call-for-critical-infrastructure\/\" \/>\n<meta property=\"og:site_name\" content=\"ZPE Systems\" \/>\n<meta property=\"article:published_time\" content=\"2024-10-18T18:52:52+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-10-18T18:53:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-scaled.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"950\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Jordan Baker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jordan Baker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/zpesystems.com\/american-water-cyberattack-another-wake-up-call-for-critical-infrastructure\/\",\"url\":\"https:\/\/zpesystems.com\/american-water-cyberattack-another-wake-up-call-for-critical-infrastructure\/\",\"name\":\"American Water Cyberattack: Another Wake-Up Call for Critical Infrastructure - ZPE Systems\",\"isPartOf\":{\"@id\":\"https:\/\/zpesystems.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/zpesystems.com\/american-water-cyberattack-another-wake-up-call-for-critical-infrastructure\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/zpesystems.com\/american-water-cyberattack-another-wake-up-call-for-critical-infrastructure\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-scaled.jpg\",\"datePublished\":\"2024-10-18T18:52:52+00:00\",\"dateModified\":\"2024-10-18T18:53:00+00:00\",\"author\":{\"@id\":\"https:\/\/zpesystems.com\/#\/schema\/person\/822694040abba23b5253766566cd1567\"},\"description\":\"The American Water cyberattack shows why resilience is key to critical services. Here's how the attack unfolded and how to stop it.\",\"breadcrumb\":{\"@id\":\"https:\/\/zpesystems.com\/american-water-cyberattack-another-wake-up-call-for-critical-infrastructure\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/zpesystems.com\/american-water-cyberattack-another-wake-up-call-for-critical-infrastructure\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/zpesystems.com\/american-water-cyberattack-another-wake-up-call-for-critical-infrastructure\/#primaryimage\",\"url\":\"https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-scaled.jpg\",\"contentUrl\":\"https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-scaled.jpg\",\"width\":1920,\"height\":950,\"caption\":\"Industrial water treatment plant with water.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/zpesystems.com\/american-water-cyberattack-another-wake-up-call-for-critical-infrastructure\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/zpesystems.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"American Water Cyberattack: Another Wake-Up Call for Critical Infrastructure\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/zpesystems.com\/#website\",\"url\":\"https:\/\/zpesystems.com\/\",\"name\":\"ZPE Systems\",\"description\":\"Rethink the Way Networks are Built and Managed\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/zpesystems.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/zpesystems.com\/#\/schema\/person\/822694040abba23b5253766566cd1567\",\"name\":\"Jordan Baker\",\"url\":\"https:\/\/zpesystems.com\/author\/jordan\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"American Water Cyberattack: Another Wake-Up Call for Critical Infrastructure - ZPE Systems","description":"The American Water cyberattack shows why resilience is key to critical services. Here's how the attack unfolded and how to stop it.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zpesystems.com\/american-water-cyberattack-another-wake-up-call-for-critical-infrastructure\/","og_locale":"en_US","og_type":"article","og_title":"American Water Cyberattack: Another Wake-Up Call for Critical Infrastructure","og_description":"The American Water cyberattack shows why resilience is key to critical services. Here's how the attack unfolded and how to stop it.","og_url":"https:\/\/zpesystems.com\/american-water-cyberattack-another-wake-up-call-for-critical-infrastructure\/","og_site_name":"ZPE Systems","article_published_time":"2024-10-18T18:52:52+00:00","article_modified_time":"2024-10-18T18:53:00+00:00","og_image":[{"width":1920,"height":950,"url":"https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-scaled.jpg","type":"image\/jpeg"}],"author":"Jordan Baker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Jordan Baker","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/zpesystems.com\/american-water-cyberattack-another-wake-up-call-for-critical-infrastructure\/","url":"https:\/\/zpesystems.com\/american-water-cyberattack-another-wake-up-call-for-critical-infrastructure\/","name":"American Water Cyberattack: Another Wake-Up Call for Critical Infrastructure - ZPE Systems","isPartOf":{"@id":"https:\/\/zpesystems.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/zpesystems.com\/american-water-cyberattack-another-wake-up-call-for-critical-infrastructure\/#primaryimage"},"image":{"@id":"https:\/\/zpesystems.com\/american-water-cyberattack-another-wake-up-call-for-critical-infrastructure\/#primaryimage"},"thumbnailUrl":"https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-scaled.jpg","datePublished":"2024-10-18T18:52:52+00:00","dateModified":"2024-10-18T18:53:00+00:00","author":{"@id":"https:\/\/zpesystems.com\/#\/schema\/person\/822694040abba23b5253766566cd1567"},"description":"The American Water cyberattack shows why resilience is key to critical services. Here's how the attack unfolded and how to stop it.","breadcrumb":{"@id":"https:\/\/zpesystems.com\/american-water-cyberattack-another-wake-up-call-for-critical-infrastructure\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zpesystems.com\/american-water-cyberattack-another-wake-up-call-for-critical-infrastructure\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zpesystems.com\/american-water-cyberattack-another-wake-up-call-for-critical-infrastructure\/#primaryimage","url":"https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-scaled.jpg","contentUrl":"https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-scaled.jpg","width":1920,"height":950,"caption":"Industrial water treatment plant with water."},{"@type":"BreadcrumbList","@id":"https:\/\/zpesystems.com\/american-water-cyberattack-another-wake-up-call-for-critical-infrastructure\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zpesystems.com\/"},{"@type":"ListItem","position":2,"name":"American Water Cyberattack: Another Wake-Up Call for Critical Infrastructure"}]},{"@type":"WebSite","@id":"https:\/\/zpesystems.com\/#website","url":"https:\/\/zpesystems.com\/","name":"ZPE Systems","description":"Rethink the Way Networks are Built and Managed","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zpesystems.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/zpesystems.com\/#\/schema\/person\/822694040abba23b5253766566cd1567","name":"Jordan Baker","url":"https:\/\/zpesystems.com\/author\/jordan\/"}]}},"rttpg_featured_image_url":{"full":["https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-scaled.jpg",1920,950,false],"landscape":["https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-scaled.jpg",1920,950,false],"portraits":["https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-scaled.jpg",1920,950,false],"thumbnail":["https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-150x150.jpg",150,150,true],"medium":["https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-300x148.jpg",300,148,true],"large":["https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-1024x507.jpg",1024,507,true],"1536x1536":["https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-1536x760.jpg",1536,760,true],"2048x2048":["https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-2048x1013.jpg",2048,1013,true],"et-pb-post-main-image":["https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-400x250.jpg",400,250,true],"et-pb-post-main-image-fullwidth":["https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-1080x675.jpg",1080,675,true],"et-pb-portfolio-image":["https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-400x284.jpg",400,284,true],"et-pb-portfolio-module-image":["https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-510x382.jpg",510,382,true],"et-pb-portfolio-image-single":["https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-1080x534.jpg",1080,534,true],"et-pb-gallery-module-image-portrait":["https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-400x516.jpg",400,516,true],"et-pb-post-main-image-fullwidth-large":["https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-2880x1800.jpg",2880,1800,true],"et-pb-image--responsive--desktop":["https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-1280x633.jpg",1280,633,true],"et-pb-image--responsive--tablet":["https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-980x485.jpg",980,485,true],"et-pb-image--responsive--phone":["https:\/\/zpesystems.com\/wp-content\/uploads\/2024\/10\/Industrial-Water-Treatment-Plant-480x238.jpg",480,238,true]},"rttpg_author":{"display_name":"Jordan Baker","author_link":"https:\/\/zpesystems.com\/author\/jordan\/"},"rttpg_comment":0,"rttpg_category":"<a href=\"https:\/\/zpesystems.com\/category\/application-hosting\/\" rel=\"category tag\">Application Hosting<\/a> <a href=\"https:\/\/zpesystems.com\/category\/datacenter-management\/\" rel=\"category tag\">Data Center Management<\/a> <a href=\"https:\/\/zpesystems.com\/category\/minimize-impact-of-disruptions\/data-center-resilience\/\" rel=\"category tag\">Data Center Resilience<\/a> <a href=\"https:\/\/zpesystems.com\/category\/minimize-impact-of-disruptions\/failover-connectivity\/\" rel=\"category tag\">Failover Connectivity<\/a> <a href=\"https:\/\/zpesystems.com\/category\/improve-network-security\/\" rel=\"category tag\">Improve Network Security<\/a> <a href=\"https:\/\/zpesystems.com\/category\/micro-segmentation\/\" rel=\"category tag\">Micro-segmentation<\/a> <a href=\"https:\/\/zpesystems.com\/category\/minimize-impact-of-disruptions\/\" rel=\"category tag\">Minimize Impact of Disruptions<\/a> <a href=\"https:\/\/zpesystems.com\/category\/remote-network-management\/monitoring-reporting\/\" rel=\"category tag\">Monitoring &amp; Reporting<\/a> <a href=\"https:\/\/zpesystems.com\/category\/increase-productivity\/network-automation\/\" rel=\"category tag\">Network Automation<\/a> <a href=\"https:\/\/zpesystems.com\/category\/remote-network-management\/out-of-band-management\/\" rel=\"category tag\">Out of Band Management<\/a> <a href=\"https:\/\/zpesystems.com\/category\/remote-network-management\/power-management\/\" rel=\"category tag\">Power Management<\/a> <a href=\"https:\/\/zpesystems.com\/category\/remote-network-management\/\" rel=\"category tag\">Remote Network Management<\/a> <a href=\"https:\/\/zpesystems.com\/category\/simplify-branch-infrastructure\/\" rel=\"category tag\">Simplify Branch Infrastructure<\/a> <a href=\"https:\/\/zpesystems.com\/category\/simplify-branch-infrastructure\/vendor-neutral-platform\/\" rel=\"category tag\">Vendor Neutral Platform<\/a> <a href=\"https:\/\/zpesystems.com\/category\/zero-trust-security\/\" rel=\"category tag\">Zero Trust Security<\/a>","rttpg_excerpt":"The American Water cyberattack shows why resilience is key to critical services. Here's how the attack unfolded and how to stop it.","_links":{"self":[{"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/posts\/226992","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/comments?post=226992"}],"version-history":[{"count":10,"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/posts\/226992\/revisions"}],"predecessor-version":[{"id":227047,"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/posts\/226992\/revisions\/227047"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/media\/226995"}],"wp:attachment":[{"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/media?parent=226992"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/categories?post=226992"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/tags?post=226992"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}