(KTEN) — International cyber attacks on America's drinking water infrastructure are on the rise.

The Environmental Protection Agency is urging water systems to take action to protect their utilities.

"These attacks, carried out by countries and criminals, have the potential to disrupt the critical lifeline of clean and safe drinking water," the agency said in a statement.

Most water suppliers rely on a computer system to operate their treatment plants.

"Controls all of our water plants — our wells, our pressures, our water tank levels, and everything, chlorine levels," said Jeff Bice, general manager of Two Way Special Utility District in Whitesboro, Texas. 

The EPA has found that other countries have hacked into utility networks, causing water systems to overflow, interrupting treatment, damaging pumps, and altering chemical levels.

And some of these attacks are happening closer to home than you might think.

Earlier this year, three Texas Panhandle towns were targeted, all with a population of under 5,000 people, similar to the size of many Texoma water utility suppliers.

"If anything ever happened, we would be alerted immediately," Bice said, adding that his team stays up to date with EPA notices, and adheres to the urgency of the EPA's warning.

"Changing passwords and such, backing up everything," he said.

Bice added that if hackers attempt to break in, the system can be "unplugged" and operated manually.

The EPA notified water utilities across the country to take the necessary steps to keep their systems secured.

In a statement to KTEN,  the EPA said:

If you are concerned about cyberthreats in your drinking water, contact your water utility to learn more about steps they are taking to protect your drinking water.
 
EPA, CISA, and the FBI strongly recommend system operators take steps outlined in Top Actions for Securing Water Systems:
  1. Reduce exposure to public-facing internet.
  2. Conduct regular cybersecurity assessments.
  3. Change default passwords immediately.
  4. Conduct an inventory of OT/IT assets.
  5. Develop and exercise cybersecurity incident response and recovery plans.
  6. Backup OT/IT systems.
  7. Reduce exposure to vulnerabilities.
  8. Conduct cybersecurity awareness training.