Arizona introduces legislation to protect critical water infrastructure from cybersecurity threats

(UI) – On April 11^th, Arizona Congressmen Rick Crawford (AR-01) John Duarte (CA-13) introduced H.R. 7922, the Water Risk and Resilience Organization (WRRO) Establishment Act, in response to “persistent” cybersecurity threats to critical water infrastructure across the nation.

The legislation establishes a new governing body, the WRRO, with cyber and water infrastructure expertise to develop and enforce cybersecurity requirements for drinking and wastewater systems. The WRRO will work in partnership with the U.S. Environmental Protection Agency (EPA) to ensure cybersecurity measures are both practical and beneficial.

“Foreign adversaries such as Russia and China have utilized cyber-attacks to target critical infrastructure such as water systems. This bill is a more proactive approach to safeguarding our drinking and wastewater from these types of attacks. These protections are vital at a time where cyber threats are constant and technology is evolving quickly,” Rep. Crawford said.

Earlier this year, FBI Director, Christopher Wray testified to Congress that Chinese hackers have been targeting infrastructure such as water treatment plants, electrical grids, and pipelines.

Last month, other administration officials echoed this sentiment when both the national security advisor and EPA sent letters to state governors. In the letters, they urge the governors to address any vulnerabilities in their state’s water systems to minimize risks of cyber-attacks. 

Cybersecurity breaches have already happened around the country

 In Nov. 2023, a small Pennsylvania water utility was breached by pro-Iran hackers. A Florida water treatment facility was hacked in 2021, and the hackers tried to increase the amount of beneficial chemicals in the water to unsafe levels.

In February, the U.S. intelligence community reported that Chinese-backed hackers have had a presence in many critical infrastructure systems in the U.S., including water systems for as long as maybe five years.

“With the constant threat of cyberattacks by our adversaries, the United States’ water infrastructure must be secured and defended properly,” said Rep. Duarte. “I am proud to help lead this crucial legislation with Rep. Crawford to ensure that our wastewater and drinking water systems are adequately prepared to deal with potential cybersecurity threats.”

Support from water industry leaders

“Strong and effective cybersecurity oversight is critical for the water sector,” said American Water Works Association CEO David LaFrance. “Rep. Crawford’s vision for a collaborative model that leverages the knowledge of the sector is the right approach for protecting water utilities from cyber-attacks.”

“NAWC applauds the leadership of Rep. Crawford to advance legislation that helps bolster cybersecurity protections for the entire water sector. This legislation is long overdue and aligns with our guiding cybersecurity pillars, which call for greater collaboration and coordination of efforts to better protect critical water infrastructure,” said Rob Powelson, President and CEO of the National Association of Water Companies.

“Cyber threats targeting both informational and operational systems today pose a growing threat to the nation’s water systems, and a successful cyber-attack could threaten public health while also undermining the public’s confidence in their water supply. AMWA supports H.R. 7922 as a critical piece of the puzzle to defend the nation’s water systems from criminals and bad actors in cyberspace, and we thank Rep. Crawford for his leadership on this important bill,” said Tom Dobbins, CEO of the Association of Metropolitan Water Agencies.

 

Related News

From Archive

• Most Read
• Most Commented