Pierluigi Paganini
September 25, 2024
Arkansas City, Kansas, had to switch its water treatment facility to manual operations over the weekend due to a cyberattack that was detected on Sunday.
As of the 2020 census, Arkansas City has a population of 11,974.
Arkansas City has notified the relevant authorities, Homeland Security and FBI agents are investigating the incident. The water supply was not impacted and remains safe, the cyber attack has not disrupted water treatment services, said city officials.
“Despite the incident, the water supply remains completely safe, and there has been no disruption to service.” said City Manager Randy Frazer. “Out of caution, the Water Treatment Facility has switched to manual operations while the situation is being resolved. Residents can rest assured that their drinking water is safe, and the City is operating under full control during this period,”
Water treatment facility operators have already implemented enhanced security measures to protect the water supply, and residents are not expected to experience any changes in water quality or service.
The decision to switch the water treatment facility to manual operations suggests that a ransomware attack targeted the critical infrastructure. Operators took the affected systems offline to contain the threat and prevent it from spreading.
In the past, we observed multiple attacks against water facilities; in January the Black Basta ransomware gang claimed to have hacked the UK water utility Southern Water, a major player in the UK water industry.
In December 2023, threat actors launched a cyberattack on an Irish water utility causing the interruption of the power supply for two days.
In November 2023, the Daixin Team group claimed to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Arkansas City water treatment facility)
