Water Security
Understanding the threat of water warfare
What is water terrorism?
Water security has always been a top priority for human civilization as safe drinking water is essential to the survival of individuals and societies. Water is necessary for agriculture, bathing, industry, cooking, electricity and leisure.
Since the planet has a limited supply of fresh water, things start to get slippery when people are forced to decide who gets what water and at what cost.
Fighting over water is “a tale as old as time,” said William Meier, the TCU history department chair. “I think people are going to increasingly fight over water. This seems to be becoming more and more of one of those potential causes of conflict.”
Not only do nations fight over water resources, water warfare is a historically common method of sabotage. From the Assyrians diverting canals, to the Romans cutting off water supplies, to the Confederate soldiers polluting wells, to the Russians destroying Ukrainian dams, water has been weaponized to starve, flood and poison enemies.
In the modern era, there are even more potential methods of water terrorism, including biological, chemical and radiological contamination, destruction of physical infrastructure and disruption to computer systems.
Water contamination can come in the form of improper sewage treatment, industrial runoff and oil spills, but most of these are accidental. Dumping animal carcasses in enemy wells or intentionally inserting harmful pathogens, toxic metals or toxic organic compounds into the water supply, however, is an example of purposeful water contamination.
Where are water targets?
It is inherently obvious that safe drinking water is essential to public health and all human activity. There is a “critical need for water in every sector of our industrialized society,” and “even short-term disruption of water service can significantly impact a community,” according to the 2005 Annual Review of Public Health.
Many parts of the U.S. have outdated and decaying infrastructure. “Their age and deterioration make them vulnerable to disruption,” as stated in “Making the Nation Safer: The Role of Science and Technology in Countering Terrorism.”
There are three main targets in the water supply:
- The water source;
- The water treatment plant;
- The distribution of water to its consumers.
According to the “Making the Nation Safer” report, contamination of a water source, such as a reservoir or river, would “likely not produce a large risk to public health” because of the large volumes of water and the fact that the water has not yet been treated. The filtration and disinfection of the water at the treatment facility would dilute and remove the contaminants.
The same thing can be said about water treatment facilities. If a contamination happens before or during treatment, the software and filtration technology will disinfect the water as necessary.
The distribution stage is the most vulnerable to contamination because the water has already been treated. Pipes, pumps, water towers and water storage tanks all contain filtered water, so the introduction of contaminants at this point will go directly to consumers, causing potential health risks.
However, a terrorist attack of this kind would be extremely difficult to execute. The attacker would need site-specific knowledge and access to key locations, according to FBI congressional testimony.
Additionally, due to the heightened awareness of potential threats following 9/11, key infrastructure locations are much more secure and monitored than they were in the past.
Water towers and water pipes are actually weak targets because they only affect a small area. In terms of terrorism, it is extremely high cost for a low reward.
“The consequences of attacking water systems are more limited,” Ralph Carter, a TCU political science professor, said. “Water systems are not that interconnected. If you can disable a city's water system, that's a big deal for the people in that city, but it may only affect people in that city. There's limited returns for targeting a government entity that doesn't have a lot of cash sitting around. It makes more sense to target a business.”
Are U.S. cybersecurity measures effective?
Cyberterrorism is “an attractive option for modern terrorists,” according to the U.S. Institute for Peace Special Report 119.
Water facilities have upped their cybersecurity measures post-9/11 to ensure that hackers cannot get into the water supply.
“We’re as bulletproof as technology can be right now,” said Erik Irwin, the assistant superintendent of Fort Worth’s Westside Water Treatment Plant. “We’re always updating our technology.”
Despite the increasing efforts to secure our water systems, some experts aren’t so confident in our nation’s cybersecurity.
“I think our cybersecurity stinks,” Carter said. “It’s only a matter of time before any of our critical infrastructure, banking, water treatment, electricity, is seriously hacked because a 14-year-old could figure out how to do it. And if they can do it, then you know, China can do it. North Korea can do it. Syria can do it. Russia can do it.”
Have there been recent water-related incidents?
Between 1970-2016, there were 675 water-related terrorism incidents “in 71 countries, conducted by 124 known terrorist organizations and resulting in approximately 3,400 dead or wounded people,” according to the New Security Beat, the blog of the Environmental Change and Security Program.
The Rajneesh cult performed the first documented bioterrorism incident in the U.S. when its members contaminated salad bars and a city water supply tank with Salmonella, leading to a community-wide outbreak in salmonellosis.
In 2011, a hacker claimed that he breached into the software network of a South Houston water treatment plant. Though there was no damage, and the Department of Homeland Security did not comment on this incident, the hacker claimed it “required almost no skill” to breach into the Supervisory Control and Data Acquisition (SCADA) software used for controlling industrial systems.
In 2013, seven Iranian hackers pierced the computer-guided controls of the Bowman Avenue Dam, a small dam in New York, as part of their plotted cyberattacks against many American computer systems.
In 2021, a hacker accessed the Oldsmar, Florida, water treatment system and “briefly increased the amount of sodium hydroxide,” according to the Tampa Bay Times. The city’s water supply was not affected.
In January 2024, a small town in northwest Texas lost thousands of gallons of water due the city’s water supply being hacked. The hackers were potentially linked to an infamous Russian hacking group, confirming the first case of a Russian cyberattack on the U.S. water supply if true.