On July 25, 2023, the states of Missouri, Arkansas, and Iowa, along with intervenors American Water Works Association and National Rural Water Association, petitioned the Eighth Circuit to review the EPA’s new rule. This rule requires states to review and report cybersecurity threats to their public water systems (PWS).

The states’ brief argues that the EPA’s Cybersecurity Rule unlawfully imposes new legal requirements on states and PWSs. It also contends that the rule exceeds the EPA’s statutory authority by ignoring congressional actions that limit cybersecurity requirements to large PWSs and by changing the criteria for sanitary surveys through a memorandum

And then there a bunch of PLCs at water utilities compromised:

https://www.politico.com/news/2023/11/28/federal-government-investigating-multiple-hacks-of-us-water-utilities-00128977

https://www.cisa.gov/news-events/alerts/2023/11/28/exploitation-unitronics-plcs-used-water-and-wastewater-systems

https://apnews.com/article/water-utilities-hackers-cybersecurity-1c475f5d2ef3b5d52410c93bdeab3aad

https://www.bleepingcomputer.com/news/security/hackers-breach-us-water-facility-via-exposed-unitronics-plcs/

So many more…

Now, I can understand arguments about jurisdictions, but would the exact same requirements coming from CISA instead of the EMP have been OK, or where these places just whining about any kind of oversight? At the end of the day, they look a little foolish.

  • Snot Flickerman
    link
    fedilink
    English
    arrow-up
    24
    ·
    9 months ago

    They’re Republicans. Reality doesn’t matter, only Power and Party.

    They’ll gladly shoot themselves in the foot as long as it hurts poor people more.

    • Adalast@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      9 months ago

      So what I’m hearing is that any cyber “vindication” should be targeted at the highest income communities in the states. Gotcha.