The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) released a joint Cybersecurity Advisory with technical details associated with Hive ransomware variants identified through FBI investigations as recently as November 2022. From June 2021 through at least November 2022, threat actors have used Hive ransomware, which follows the Ransomware-as-a-Service (RaaS) model, to target a wide range of businesses and critical infrastructure sectors. The method of initial intrusion depends upon the Hive RaaS affiliate that targets the network, using compromised credentials in Remote Desktop Protocol, virtual private networks, and other remote network connection protocols in which multifactor authentication is not enabled. The U.S. Environmental Protection Agency (EPA) recommends that all drinking water and wastewater utilities take the following mitigation actions: Prioritize remediating known exploited vulnerabilities Enable and enforce multifactor authentication with strong passwords Close unused ports and remove any application not deemed necessary for day-to-day operations Follow the mitigation steps outlined in the Joint Cybersecurity Advisory to protect your organization from a potential Hive ransomware attack If you suspect your organization is the victim of a ransomware attack, please report to CISA at https://us-cert.cisa.gov/forms/report and/or FBI at https://www.ic3.gov/ . In addition, AWWA has developed some essential planning resources to support water utilities with cyber resilience based on the NIST Cybersecurity Framework and associated standards. They are designed to help examine a utility’s potential exposure to cyber risks, set priorities, and execute an appropriate and proactive cybersecurity strategy. START HERE: Water Sector Cybersecurity Risk Management Guidance . Practical, step-by-step guidance from AWWA for protecting process control systems used by the water sector from cyberattacks. Following this guidance saves time and yields more comprehensive, accurate and actionable recommendations from the Assessment Tool. Assessment Tool . This interactive tool asks utilities to examine how they are using various technologies. Based on responses, the tool generates a customized, prioritized list of controls that are most applicable to the utility’s technology applications. Utilities can use this output to determine the implementation status of critical controls designed to mitigate cybersecurity vulnerabilities. AWWA website login is required for access. Small Systems Guidance . A getting-started guide to help small and rural utilities improve cybersecurity practices. This resource is targeted for water utilities serving fewer than 10,000 people, and especially those serving fewer than 3,300 people, and follows the Water Sector Cybersecurity Risk Management Guidance. Questions can be directed to Kevin Morley , AWWA’s federal relations manager.