EPA OW Medium Cybersecurity Alert - PRC State-Sponsored Actors Use BRICKSTORM
Attention Water Suppliers and State Primacy Agencies:
Please review this EPA medium security alert: PRC State-Sponsored Actors Use BRICKSTORM Malware for Long-Term Persistence on Victim Systems.
This alert is intended to inform water and wastewater systems about recent cyber-threat activity involving state-sponsored actors associated with the People’s Republic of China (PRC) that are deploying BRICKSTORM malware to exploit and maintain long-term persistent access on victim systems. EPA recommends that water and wastewater systems review it and, as appropriate, follow the mitigation steps. Although the successful deployment of the BRICKSTORM malware could potentially impact OT systems, there is currently no indication that this vulnerability directly implicates OT systems or compromises a water utility’s ability to provide clean and safe water; hence, the medium-level designation.
Patti Kay Wisniewski
Drinking Water Preparedness and Resiliency Coordinator
US EPA Region 3