Part 1.

This report is generated by ChatGPT ( ChatGPT – 3.5 version).

Abstract:

A Russia-linked hacking group targeted a wastewater treatment plant in Indiana, prompting an

investigation by maintenance personnel. The Tipton Municipal Utilities plant, serving a town of 5,000
people, experienced minimal disruption and remained operational. This incident follows similar attacks
on water facilities in Texas earlier in the year, also claimed by the same hacking group. While the plant
was not compromised, the attack underscores ongoing cybersecurity threats to critical infrastructure in
the United States. Authorities are investigating, with concerns raised about the vulnerability of water
systems nationwide. The hackers, purportedly Russian-speaking, posted a video on social media claiming
responsibility, although cybersecurity experts deem their actions amateurish. This event highlights the
need for heightened cybersecurity measures, training, and collaboration among stakeholders to
safeguard critical infrastructure from cyber threats.

Affected System:

The targeted system is the wastewater treatment plant operated by Tipton Municipal Utilities in Indiana.
Specific software or hardware affected is not mentioned, but the hackers claimed to manipulate
software handling equipment for aerating and moving fluids at the plant.

Discovery and Publication:

The problem was discovered when maintenance personnel were sent to investigate suspicious activity at
the plant. The incident was initially published by CNN after an official from Tipton Municipal Utilities
confirmed the cyberattack. Subsequently, Russian-speaking hackers posted a video on social media
claiming responsibility for the attack.

Severity and Consequences:

While the plant experienced minimal disruption and remained operational, the incident highlights a
concerning trend of cyberattacks targeting critical infrastructure. The hackers' actions, though claimed as
amateurish, underscore vulnerabilities in industrial control systems. Exploitation of such weaknesses
could lead to significant consequences, including service disruptions, environmental damage, and
compromised public safety. On a technical level, robust cybersecurity measures and regular audits of
critical infrastructure systems are imperative. Human behavior necessitates increased awareness and
training among personnel operating these systems. Policy-wise, collaboration between government
agencies, cybersecurity firms, and utility providers is essential to mitigate risks and respond effectively to
cyber threats targeting critical infrastructure.

Part 1.2:

The following report is based on the article given in (CNN, 2024).

Abstract

On Friday evening, a Russia-linked hacking group targeted the Tipton Municipal Utilities (TMU)
wastewater treatment plant in Indiana. The hackers claimed responsibility for the attack through a video
posted on social media. Despite the breach, TMU reported minimal disruption to its operations. Federal
authorities, including the Department of Homeland Security’s Cybersecurity and Infrastructure Security
Agency (CISA), are investigating the incident. This attack is part of a broader pattern of cyberattacks
targeting water facilities in the United States, highlighting the vulnerabilities in critical infrastructure
systems (CNN, 2024).

Affected System

The attack targeted the industrial control systems (ICS) at the Tipton Municipal Utilities (TMU)
wastewater treatment plant. These systems manage the aeration and fluid movement processes within
the plant. Specific details such as exact product names, distribution, and version numbers were not
disclosed in the news article. However, it is likely that these systems include widely-used ICS components
and software typically employed in water treatment facilities.

Discovery and Publication

The problem was discovered by TMU plant managers who noticed suspicious activity on Friday evening.
Maintenance personnel were dispatched to investigate. The hacking group later posted a video on social
media claiming credit for the cyberattack, showing them manipulating the plant’s control software.
Federal authorities, including CISA, were alerted and are currently investigating the incident. The initial
publication of the incident was through the hacking group’s social media post, followed by reports in
news outlets such as CNN (CNN, 2024).

Analysis of the Issue

The severity of this cyberattack is moderate but highlights significant vulnerabilities in critical
infrastructure:

• Exploitation: The hackers accessed the ICS remotely, potentially through exposed internet
connections. They manipulated software controlling aeration and fluid movement,
demonstrating the capability to disrupt essential operations.

• Consequences: If fully exploited, the attack could have led to severe operational disruptions,
affecting water quality and public health. The incident underscores the risk of cyberattacks on
essential services and the potential for widespread impact.

Reactions:

• Technical Level: Implement robust security measures such as network segmentation, regular
software updates, and the use of firewalls and intrusion detection systems. Enhance monitoring
of ICS and ensure minimal exposure to external networks (Cyble, 2022; SecurityWeek, 2021).

• Human Behavior: Train staff to recognize and respond to cybersecurity threats promptly.
Conduct regular cybersecurity drills and awareness programs to prepare employees for potential
incidents (Cyble, 2022).

• Policy Level: Strengthen regulatory requirements for cybersecurity in critical infrastructure

sectors. Increase investment in cybersecurity defenses and mandate regular security audits for
facilities managing essential services (The Record, 2021; SecurityWeek, 2021).
Additional References

1. Cyble. (2022, May 4). Water and wastewater treatment facilities vulnerable to cyber attacks.
Retrieved from https://cyble.com/blog/water-and-wastewater-treatment-facilities-vulnerable-
to-cyber-attacks/

2. SecurityWeek. (2021, October 15). Ransomware hit SCADA systems at 3 water facilities in U.S.
Retrieved from https://www.securityweek.com/ransomware-hit-scada-systems-3-water-
facilities-us/

3. The Record. (2021, October 14). US govt reveals three more ransomware attacks on water
treatment plants this year. Retrieved from https://therecord.media/us-govt-reveals-three-more-
ransomware-attacks-on-water-treatment-plants-this-year

ChatGPT Interaction

I acknowledge the use of ChatGPT (https://chat.openai.com/) to generate the input outcome of part 1.1
of this final assessment due to the requirement of this task. The output from these prompts was used to
answer and write 4 paragraph answers the prompts in part 1.1. The prompts used include :

• Abstract (less than 200 words). Summarize the news about a critical vulnerability in Cisco ASA
and Firepower Threat Defense software. Identify Affected Software (around 100 words). List the
affected software and versions: Cisco ASA Software: Versions 9.12 to 9.14. Cisco Firepower
Threat Defense (FTD): Versions 6.4 to 6.7. Discovery and Publication (around 150 words). State
who discovered the vulnerability, how, and where it was published. Discuss Seriousness and
Reactions (around 350 words) Explain the severity and exploitation of the vulnerability, and
recommend: Technical : Patching, monitoring. Human : Security training. Policy : Strict policies,
audits.

OpenAI. (2024). ChatGPT ( ChatGPT – 3.5 version) [Large language model] ChatGPT

References

CNN. (2024). Russia-linked hacking group targets Indiana water plant. Retrieved from
https://edition.cnn.com/2024/04/22/politics/russia-linked-hacking-group-targets-indiana-water-
plant/index.html

Cyble. (2022, May 4). Water and wastewater treatment facilities vulnerable to cyber attacks. Retrieved
from https://cyble.com/blog/water-and-wastewater-treatment-facilities-vulnerable-to-cyber-attacks/

SecurityWeek. (2021, October 15). Ransomware hit SCADA systems at 3 water facilities in U.S. Retrieved
from https://www.securityweek.com/ransomware-hit-scada-systems-3-water-facilities-us/

The Record. (2021, October 14). US govt reveals three more ransomware attacks on water treatment
plants this year. Retrieved from https://therecord.media/us-govt-reveals-three-more-ransomware-
attacks-on-water-treatment-plants-this-year