A single water utility in California has received more than 6 million hits from China-based addresses within a week, pointing to the Chinese communist regime’s ongoing efforts to scan for U.S. critical infrastructure vulnerabilities, according to security experts.
The South Coast Water District (SCWD) blocked these connection attempts between July 15 and July 23.
It revealed the figure in a July 23 industry webinar hosted by the Water Information Sharing and Analysis Center, showing a firewall dashboard by security company ThreatSTOP.
SCWD provides potable water, recycled water, and wastewater services to about 40,000 residents, 1,000 businesses, and 2 million visitors annually in Orange County, California.
During the webinar, ThreatSTOP CEO Tom Byrnes and chief scientist Paul Mockapetris, who invented the Domain Name System, advised water industry professionals to tailor who is allowed access to their servers and said that there are some obvious limits one can set.
“If you’re a water district in southern California, you probably don’t have any customers in China,” Mockapetris said.
A ThreatSTOP case study on its website shows that as far back as 2011, even a school district’s network printers in West Memphis, Arkansas, were receiving regular access attempts from China.
Byrnes stated that the 6 million figure had increased overnight from 5 million, demonstrating that critical infrastructure, such as water systems, is constantly being scanned for vulnerabilities.
SCWD’s ThreatSTOP firewall dashboard also showed more than 34,000 blocked connection attempts originating from Bulgaria and more than 21,000 from Iran.
Hellbound and Down 