Despite cyberattacks, water security standards remain a pipe dream

The article describes repeated cyber intrusions targeting U.S. water systems by actors tied to China, Russia, and Iran, noting the sector's reliance on legacy OT, default credentials, and internet-exposed devices. It highlights specific incidents (e.g., a tank overflow in Muleshoe), the observed activity of groups such as Sandworm and Volt Typhoon, and outlines regulatory, funding, and technical challenges to securing thousands of disparate water utilities.