The National Consortium for the Study of Terrorism and Responses to Terrorism has announced the development of the Significant Multi-Domain Incidents against Critical Infrastructure dataset. The dataset includes 130 cyber-physical and cyber-operational attacks carried out internationally against critical infrastructure sectors, including the water and wastewater sector, between January 1, 2009 and November 15, 2019. In order to be included in the dataset, an attack must:
- Have originated as a cyberattack;
- Target a critical infrastructure sector described under Presidential Policy Directive 21; and
- Be a disruptive cyber-physical or cyber-operational incident.
The dataset revealed the United States was the country that experienced the greatest number of attacks in this span. Observations about the water and wastewater sector included the following information:
- Attacks on the water sector comprised 4.35 percent of all critical infrastructure attacks;
- 14 percent of attacks by non-state actors targeted water and wastewater systems; and
- The water sector accounted for two percent of attacks by nation state actors.