Utility companies urged to examine cybersecurity | News, Sports, Jobs

With an escalation in tensions around the world, utilities in smaller communities are being urged by federal agencies to check for possible vulnerabilities to cyber attacks.

The Lycoming County Water and Sewer Authority has received directives from government agencies, such as the Environmental Protection Agency, the Cybersecurity and Infrastructure Security Agency as well as Homeland Security, advising the authority to examine its cybersecurity to look for any vulnerabilities to an attack.

Over the past two weeks, according to Christine Weigle, executive director, the authority has been “inundated with information and directives and documents.”

“We’re still monitoring the directives and the guidance documents to make sure that we continue to protect ourselves in this very uncertain and very scary time, because cybersecurity is a very serious event,” she stressed.

“Our industry is on high alert. It’s been non-stop with information that’s being thrown at us right now. Homeland Security and the EPA have been keyed in on our industry–water, wastewater–for some time, because there are significant vulnerabilities, especially in smaller systems,” Weigle said.

Typically infrastructure refers to water and sewer lines, Weigle noted, but in this case, infrastructure means internet and cybersecurity, such things as modems and routers.

“Programs and systems that you put in place so we can keep people out,” she added.

Weigle made the comments following the monthly LCWS authority board meeting.

During the meeting, she had told board members that their proactive approach to cybersecurity, by including it as part of their strategic planning, had put them ahead of the game compared to some systems.

“We were smart in our effort during the strategic planning process to add cybersecurity to our program goals and objectives for this year. We are up and running with a number of the items we identified during that strategic planning process,” Weigle said.

The local authority doesn’t have open networks and they utilize static IP addresses.They are continuing to monitor their systems and are continuing to develop a program that would be put in place for training, Weigle said.

Open networks are dangerous because hackers can get in and access information, disrupt operations or they can demand money such as in a ransomware attack.

“Multi-factor authentication is going to come rapidly we’re going to have to implement it. We were talking about it at the end of last year and we’re going to have to do it now, for sure. Real-time monitoring is in place for all of our computers. We’ve upgraded some equipment. It really has been an issue that over the past two weeks, we’ve spent a lot of time on,” she said.

The authority has put in place layers of protection which has put them “ahead of the curve,” she said.

“There’s a lot of work that we’ve already done. Systems and equipment that we’ve had in place for years now that many, many other water and sewer providers haven’t even thought about.

I think we’re in a good spot, but that doesn’t mean we can rest on our laurels,” Weigle said.

“There are nefarious people out there and they’re trying to get data and they’re trying to get money and they’re trying to wreak havoc on the United States,” Weigle said.

When contacted, Ryan Hill, senior director-corporate communications for PPL stated:

“PPL’s top priority is protecting our energy grid and the critical infrastructure we rely upon to deliver energy safely and reliably. PPL has made significant investments in tools, technology, and people to strengthen our protections, mitigate the risks of cyberattacks and respond quickly, if necessary.”

“PPL also coordinates closely with our government and industry partners to monitor and share important and timely information on the latest threats. We continue to monitor ongoing situations and remain vigilant,” he added

In other actions at the authority’s meeting, the board approved the following:

•A capital additions project requisition in the amount of $2,710 for the Montoursville outfall project.

•The designation of Weigle as the authorizing agent for the purchase of a 2022 Ranger 4×4 SuperCrew, from Sunbury Motors Ford with a lead time of eight weeks to eight month. The board approved the purchase last month.

•A resolution regarding the destruction of records in accordance with the Municipal Records Manual.

•A resolution authorizing the appropriation of properties in Limestone Township at Pinewoods and Perry Nigart roads for the purpose of future needs for the authority.

•A measure to include a notice in customers’ bills next month detailing the protocol they need to follow before digging on their property.

•The next meeting of the board will be at 6 p.m., April 6 at 380 Old Cement Road, Montoursville.