Connect with us

Hi, what are you looking for?

World

US consumers caught up in Veolia ransomware attack

Veolia, one of the world’s largest water facility operators, was hit by a ransomware attack.

Water is a source of potable drinking water and energy. Image of Olympic Park in London. — © Tim Sandle.
Water is a source of potable drinking water and energy. Image of Olympic Park in London. — © Tim Sandle.

Veolia, one of the world’s largest water facility operators, was hit by a ransomware attack on its North America Municipal Water division. This attack comes nearly a week after the CISA, FBI, and EPA released an incident response guide for the Water and Wastewater Sector (WWS).

The company has confirmed its Municipal Water division has suffered a security incident that triggered the firm to take the targeted back-end systems and servers offline until they could be restored. The French-owned firm states:

“This incident seems to have been confined to our internal back-end systems at Veolia North America, and there is no evidence to suggest it affected our water or wastewater treatment operations.”

Veolia operates in all 50 U.S. states. The attack resulted in the company’s online payment systems being moved offline and the breach of customers’ sensitive information.

MSN reports that the relevant authorities and law enforcement agencies have been notified of the attack, and external forensics teams were brought in to assist with the aftermath of the attack.

Following this news, Nick Tausek, Lead Security Automation Architect at Swimlane explains to Digital Journal why cyberattacks on the energy sector put society as a whole at risk, especially should an attack actually be capable of spending operations, and how more needs to be done to protect national infrastructures.

Tausek begins by noting the irony of the timing of this security incident: “One week after the US government released guidance for the water and wastewater sector (WWS) to improve cyber resilience and incident response, Veolia, one of the world’s largest water operators, fell victim to a ransomware attack.”

In terms of the specific details, he finds: “The attack targeted Veolia’s North America Municipal Water division, affecting the company’s online payment systems. While there is no evidence that the attack affected water or wastewater treatment operations, there was a breach in customers’ personal information.”

In terms of taking remediation actions, Tausek assesses the latest advice, noting: “The guidelines published by the Environmental Protection Agency (EPA) in collaboration with the FBI and Cybersecurity and Infrastructure Security Agency (CISA) highlighted the need for a preventative security approach to be implemented to combat the vulnerability of this critical infrastructure sector. The timing of this attack reiterates this vulnerability. These organizations must be taking the necessary precautions to not only safeguard the sensitive information of customers but also the system operations and water safety.”

In terms of taking concrete action, Tausek recommends: “The cascading, long-term risks to critical water infrastructure as well as human and environmental health are of paramount importance, and, combined with a historically outdated security posture, make water infrastructure an especially attractive target for cybercriminals.”

Tausek further recommends: “By implementing an automated security platform, organizations can standardize threat detection and alert monitoring, significantly reducing incident response times.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

World

The coin's design includes the psychedelic 'magic piano' featured in the 1967 Magical Mystery Tour film - Copyright Royal Mint/AFP -There are few accolades...

Business

US President-elect Donald Trump said Elon Musk would lead an efficiency drive under his new administration. — © AFP/File Kena BetancurThe Department of Government...

Business

Can anyone remember the world before AI tools? Since the fateful launch of ChatGPT in November of 2022, the world has forever changed.

World

The Bahamas on Thursday said it had rejected a proposal from the incoming Trump administration to take in deported migrants.