Building on information contained in the advisory AWWA issued earlier in the week about the SolarWinds Orion Platform hack, the Cybersecurity Infrastructure Security Agency issued the following update on Thursday: “CISA has evidence of additional initial access vectors, other than the SolarWinds Orion platform; however, these are still being investigated. The incident is being described as posing a “grave risk” to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations.” A joint statement issued by CISA, the Federal Bureau of Investigation (FBI) and the Office of the Director of National Intelligence (ODNI) notes the formation of a Cyber Unified Coordination Group (UCG) to coordinate a whole-of-government response to this significant cyber incident. AWWA advises members to assess the threat the breach poses to their technology infrastructure based on the information provided by CISA. CISA will continue to provide updates as new information becomes available and will also provide technical assistance, upon request, to affected entities as they work to identify and mitigate potential compromises. CISA encourages affected entities to report any suspicious activity, including cybersecurity incidents, possible malicious code, software vulnerabilities and phishing-related scams. Reporting forms can be found on the CISA/US-CERT homepage . Questions can be directed to Kevin Morley , AWWA’s federal relations manager.