Bringing You the Daily Dispatch

Credit agency reports increased risk of hackers targeting UK drinking water systems.
Environment World News

Credit agency reports increased risk of hackers targeting UK drinking water systems.

Moody’s, a credit rating agency, has cautioned that water companies are at a heightened risk of cyber attacks aimed at their drinking water systems. These companies are currently waiting for approval from the industry regulator to increase their budget for digital security measures.

According to a report from Moody’s to investors, hackers are increasingly targeting infrastructure companies such as those in the water and wastewater treatment industry. The utilization of AI (artificial intelligence) may potentially speed up this pattern.

In the previous month, Southern Water, a company that provides services to 4.6 million customers in southern England, reported that the Black Basta ransomware group had stated they were able to breach their systems. The group then shared a small portion of the stolen data on the dark web. This same group also hacked into outsourcing company Capita in the past year.

In 2022, South Staffordshire Water issued an apology for a security breach in which hackers accessed customers’ personal information.

Moody’s cautioned about the increasing reliance on data-logging devices for tracking water usage, as well as the use of digital smart meters, which could make companies more susceptible to attacks. While water treatment systems are typically kept separate from other IT systems, including customer databases, some have been more closely integrated for efficiency purposes.

Following a security breach, businesses often need to hire expert cybersecurity companies to fix their systems, allocate resources towards communicating with customers, and potentially deal with consequences from regulatory agencies. In the UK, the Information Commissioner’s Office has the authority to impose fines of up to 4% of a company’s overall revenue or €20m (£17m), whichever amount is greater.

According to Moody’s, the expense of repairing systems, such as reinforcing and fortifying current cyber defenses and covering possible penalties, will generally lead to a small rise in debt if the issue is resolved quickly.

Moody’s warned that there is a significant danger for both the industry and society if malicious individuals are able to gain access to operational technology systems and disrupt the functioning of drinking water and wastewater treatment facilities.

The agency reported that water providers, government officials, and regulators have recognized the importance of strengthening cybersecurity measures due to the increasing complexity of attacks on vital systems. State-affiliated groups are a newer but growing type of cyber threat.

There are heightened worries regarding the cybersecurity of important British infrastructure, such as the £50 billion plan to construct a large underground storage facility for nuclear waste and the Sellafield nuclear site in Cumbria. The Guardian reported numerous issues with cybersecurity at Sellafield.

The recent Moody’s report coincides with the efforts of water companies in England and Wales to boost their cybersecurity measures by seeking approval from Ofwat. The regulatory body is currently evaluating their proposals to raise prices between 2025 and 2030 in order to fund these investments.

Ofwat’s determination, due later this year, comes at a critical juncture for an industry under fire for sewage dumping, poor leakage records and big executive pay packets.

“Move past the advertisement for the newsletter.”

In October of last year, businesses presented their five-year strategies outlining proposed price hikes in order to finance a historic £96 billion investment towards resolving issues with sewage leaks, decreasing leaks, and constructing reservoirs.

According to Moody’s analysis, businesses aim to boost their security spending from less than £100m as a whole to almost £700m in the next five years. The heightened attention on the industry and the recent hack at Southern Water may strengthen its argument, as stated by the credit agency.

According to the agency, expenses related to the hack at South Staffordshire Water, including potential lawsuits, could amount to £10 million.

Moody’s has expressed concerns about the potential effects on the debts of water companies. This is part of a larger issue of leverage in the water industry, where as much as 28% of bill payments may be going towards paying off debts in certain regions of England.

Water UK announced that starting in April, the average annual bills will increase by 6%, surpassing the current inflation rate.

Source: theguardian.com