How Cyber Threats Are Endangering Water Systems And What Must Be Done To Protect Them
Water is the essence of life, but in today’s digital world, it’s also an increasingly attractive target for cyber criminals. Water treatment plants and distribution systems rely on digital controls, which, if compromised, can lead to disastrous consequences, including contamination, service disruptions, and threats to public health.
A 2024 assessment by the U.S. Environmental Protection Agency (EPA) found that 97 drinking water systems, serving approximately 26.6 million people, had critical or high-risk cyber security vulnerabilities.
According to Check Point Research, thus far in 2025, the energy & utilities (including water) industry has suffered on average 1872 weekly attack attempts per organization, an increase of 53% compared to the same period in 2024.
North America has seen the highest year-on-year change with an 89% increase in attacks compared to the same time period last year, followed by Europe (82%) and Africa (45%).
With critical infrastructure like water utilities under constant threat, it is only a matter of time before a cyber attack succeeds in impacting hundreds of thousands, if not millions of lives.
On this upcoming World Water Day on March 22nd, we explore the economic impacts of cyber vulnerabilities in water systems and provide insights into key security measures to ensure that water utilities and this precious resource remains safe to drink and pouring from our taps.
The Economics of a Water Attack
Beyond public health, cyber attacks on water infrastructure have massive economic repercussions. Water and wastewater providers are prime targets for cyber criminals due to the essential role they play in sustaining local communities and daily operations. However, the risks extend beyond operational disruptions. A compromised system could result in contaminated drinking water, posing serious threats to public health and safety.
Beyond households, numerous industries depend on a steady and secure water supply, including manufacturing plants and data centers, which rely on water for cooling systems. A cyber attack on these utilities could lead to widespread disruptions with severe consequences. Disruptions in water supply can halt industrial operations, impact agriculture, and destabilize local economies.
For example, a one-day disruption in water service across the U.S. could jeopardize $43.5 billion in economic activity according to the US Water Alliance. A simulated example of a cyber attack on Charlotte Water in North Carolina projected daily losses of at least $132 million in lost revenue, with replacement costs exceeding $5 billion, results from a review of the agency’s cyber security initiatives by the Environmental Protection Agency’s Office of Inspector General.
In Italy, Alto Calore Servizi SpA, an Italian company that provides drinking water to 125 municipalities Avellino and Benevento — two provinces in southern Italy experienced a ransomware attack in 2023. The government-run company also manages sewage and purification services for both provinces. While the cyber attack did not disrupt water distribution, the company’s database was compromised, and it rendered all of their IT systems unusable.
The Price of Outdated Infrastructure
Water systems, in particular, are highly vulnerable, as outdated infrastructure is suddenly exposed to internet-based threats, and the potential for disruption makes these facilities prime targets, especially for nation-state actors. In reality, a compromised water facility goes beyond just being a cyber incident as it impacts the entire country, making headlines and, more critically, poses a direct threat to public safety.
The economic toll of a successful cyber attack on water utilities is simply too great to ignore. Resilience must be prioritized, and investments in cyber security should be viewed as investments in economic stability.
Strengthening cyber defenses: What needs to be done
Water utilities must take a proactive approach to cyber security. According to the U.S. Environmental Protection Agency (EPA), 98% of cyberattacks could be prevented or minimized with basic cyber hygiene. Some critical steps to enhance security includes:
• Invest in Endpoint and Network Security: Water utilities should deploy AI-powered threat detection systems to monitor network activity and prevent intrusions.
• Regulatory Gaps Leave Utilities Exposed: Cyber regulations for water utilities are not as stringent as those for the power or financial sectors, with the call for more to be done in this area.
• Mandate Cyber Security Training: The Water Information Sharing and Analysis Center (WaterISAC) has identified training as a top priority for improving cyber readiness as there is a severe lack of cyber security training amongst water operators with many facilities lacking dedicated cyber security personnel.
• Enforce Multi-Factor Authentication (MFA): Prevent unauthorized access to operational technology (OT) systems as unsecured remote access is often a major vulnerability, with attackers often exploiting weak remote access protocols.
• Develop Incident Response Plans: Water providers must have response protocols in place to minimize damage from potential attacks.
As cyber threats to water infrastructure increase, the need for proactive security measures has never been greater. Governments, water utilities, and cyber security experts must collaborate to protect these vital systems before more attacks severely impact this vital industry.
Follow Check Point via:
LinkedIn: https://www.linkedin.com/company/check-point-software-technologies
X: https://www.twitter.com/checkpointsw
Facebook: https://www.facebook.com/checkpointsoftware
Blog: https://blog.checkpoint.com
YouTube: https://www.youtube.com/user/CPGlobal
About Check Point Research
Check Point Research provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point products are updated with the latest protections. The research team consists of over 100 analysts and researchers cooperating with other security vendors, law enforcement and various CERTs.
About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading AI-powered, cloud-delivered cyber security platform provider protecting over 100,000 organisations worldwide. Check Point leverages the power of AI everywhere to enhance cyber security efficiency and accuracy through its Infinity Platform, with industry-leading catch rates enabling proactive threat anticipation and smarter, faster response times. The comprehensive platform includes cloud-delivered technologies consisting of Check Point Harmony to secure the workspace, Check Point CloudGuard to secure the cloud, Check Point Quantum to secure the network, and Check Point Infinity Core Services for collaborative security operations and services.
Legal Notice Regarding Forward-Looking Statements
This press release contains forward-looking statements. Forward-looking statements generally relate to future events or our future financial or operating performance. Forward-looking statements in this press release include, but are not limited to, statements related to our expectations regarding future growth, the expansion of Check Point’s industry leadership, the enhancement of shareholder value and the delivery of an industry-leading cyber security platform to customers worldwide. Our expectations and beliefs regarding these matters may not materialize, and actual results or events in the future are subject to risks and uncertainties that could cause actual results or events to differ materially from those projected. The forward-looking statements contained in this press release are also subject to other risks and uncertainties, including those more fully described in our filings with the Securities and Exchange Commission, including our Annual Report on Form 20-F filed with the Securities and Exchange Commission on April 2, 2024. The forward-looking statements in this press release are based on information available to Check Point as of the date hereof, and Check Point disclaims any obligation to update any forward-looking statements, except as required by law.
