Information for Maintaining Cybersecurity at Your Facility
Kentucky Division of Water (DOW) has recently become aware that some water systems around the state have received emails addressed from former DOW staff; however, the staff in the emails no longer work for DOW. In order to reduce the risk of hacking or other cybersecurity incidents, it would be a good idea to take some precautions.
Short term (immediate):
- Change passwords to email, network, software (including SCADA), and computer access.
- Update any software and operating systems to the newest version, including Windows, anti-virus software, and remote access software like TeamViewer.
- Become familiar with current Energy and Environment Cabinet (EEC) staff who might be contacting you, and be skeptical of emails from others claiming to work for DOW or other state agencies that you don’t normally work with.
- Technical Assistants and Compliance Officers’ names can be found at this link.
- Field Office staff names (including inspectors and supervisors) can be found at this link.
- Warn water system staff not to open any links in suspicious emails. Staff should notify management of any suspicious emails.
- Work with your IT staff or vendor to determine if more steps can or should be taken.
- Review the water system Emergency Response Plan to see what actions are warranted.
- Document any suspicious emails or phone calls received and notify enforcement or regulatory agencies (including DOW) as needed.
- Review system and network logs, and use virus or malware software scans as needed.
Long term (in the next few days and weeks):
- Develop a regular schedule for password changes.
- Review the US EPA Incident Action Checklist - Cybersecurity
- Ensure everyone who accesses the PWS computer systems has their own login information and passwords.
- Add or update the Cybersecurity section of your Emergency Response Plan.
The DOW has been in communication with the EPA on this issue; we may send additional information as needed.