'Elevated' risk of hackers targeting UK drinking water, says credit agency

The credit rating agency Moody's has warned that water companies face an "elevated" risk from cyber attackers targeting drinking water, as suppliers wait on permission from the industry regulator to ramp up spending on digital security. Moody's said, in a report to investors, that hackers are increasingly zeroing in on infrastructure companies, including water and wastewater treatment companies, and the use of AI (artificial intelligence) could accelerate this trend. Last month, Southern Water, which supplies 4.6 million customers in the south of England, said the Black Basta ransomware group had claimed to have accessed its systems, posting a "limited amount" of data on the dark web. Separately, South Staffordshire Water apologised in 2022 after hackers stole customers' personal data. Moody's warned that the growing use of data-logging equipment to monitor water consumption, and the use of digital smart meters, made companies more vulnerable to attacks.