Municipal water distribution systems are largely exposed and therefore, vulnerable to intentional or accidental contamination. Past incidents illustrate possible future threats and reveal the many challenges faced by policymakers, emergency personnel, consequence management teams and the general public.
In 1993, the city of Milwaukee, Wisconsin, suffered an outbreak of a protozoan parasite, Cryptosporidium parvum, which caused 400,000 residents to become ill and resulted in several deaths. Milwaukee is served by two facilities that draw water from Lake Michigan and use traditional water treatment processes.
When heavy rains fell during spring, Lake Michigan experienced increased turbidity. This raw, untreated water accompanied regulatory changes that introduced polyaluminum chloride (PACI), a new water treatment chemical that had not been tested sufficiently. Storm sewer discharges exacerbated the water quality problem.
Ultimately, a design flaw and a change in water purification for turbidity reduction likely contributed to the outbreak of Cryptosporidium parvum. Yet, this incident offers two additional insights. First, proper water treatment chemicals are critical. Second, an increased reliance on automation means that computers control chemical releases.
Although some water treatment facilities now use a dual-line water system with motorized, RF-controlled valves, these systems can be hacked remotely. In November 2011, a Stuxnet-style virus infected a water plant in Springfield, Illinois, and shut down water pumps, proving secure networks can be breached and physical equipment compromised.
As Mac Slavo with SHTFPlan.com wrote, "If hackers were to take control of the computers that maintain safe water levels and chemical treatment, they could potentially poison the water supplies of millions. People could go to sleep like any normal night, wake up in the morning and have a glass of water and be poisoned by any number of chemical or biological agents that have been released into the water supplies."
Many observers believe physical destruction of water system components and the disruption of water supplies are more likely scenarios than contamination. Other potential scenarios include damage to vital equipment by explosives, or hacking into supervisory control and data acquisition (SCADA) systems to mix raw water reservoirs with processed water downstream.
Returned pharmaceuticals and other contaminants
The presence of returned pharmaceuticals can also contaminate water supplies. Current urban filtration systems are not designed to remove over-the-counter (OTC) and prescription drugs from water supplies, and increased estrogen levels may affect both marine life and human health. In the long-term, these insidious threats may be akin to biological warfare.
Although most chem-bio agents dilute and disassociate in water, some maintain their chemical structure over an extended period of time. Along with the contaminants described in the incidents above, potable water can be contaminated by:
- Metals (As, Hg, Cr, Pb, etc.)
- Microorganisms and pathogenic agents (bacteria, virus, proteins, cryptosporidium, chlorine resistant organisms, etc.)
- Organic chemicals/compounds (trichloroethylene [TCE], acetone, styrene, household degreasers, halogenated organics, etc.), VOCs, disinfectants and byproducts, dyes, organic biocides and crude oil
- Pharmaceuticals (antibiotics, steroids fluoxymesterone, methyltestosterone, nandrolone, oxandrolone, oxymetholone, testosterone and stanozolol; acetaminophen and ibuprofen, etc.)
- Pesticides (atrazine, carbofuran, methoxychlor, 1,2-Dibromo-3-chloropropane, glyphosate, etc.) and run-off
- Non-traditional agents (NTAs), toxic industrial chemicals (TICs) and/or toxic industrial materials (TIMs).
Threat identification and mitigation
The ability to identify and prioritize contaminants determines how well we can sense, detect, isolate and mitigate threats to water supplies. In the U.S., the National Infrastructure Protection Center (NIPC) and the Critical Infrastructure Protection Advisory Group (CIPAG) play important roles.
Established in 1998 by Presidential Decision Directive (PDD) 63, NIPC gives the U.S. Environmental Protection Agency (EPA) the lead on protecting water supplies. CIPAG is composed of industry representatives and supported by water associations and federal agencies such as the EPA, FBI and Department of Energy (DOE).
CIPAG’s responsibilities include the Information Sharing and Analysis Center (ISAC) for the secure transmission of threat information and other sensitive data. Available resources include the Vulnerability Self-Assessment Tool (VSAT), which helps owners of drinking water and wastewater systems to analyze security threats, assess natural hazards and update their emergency response plans.
Planning and public policy
Other resources are also available. For example, the Water Contamination Information Tool (WCIT) is a secure, online EPA database that helps with emergency response plans and site-specific response guidelines. WCIT can provide real-time data on water contaminants and assist in decision-making if contamination occurs.
The Water Health and Economic Analysis Tool (WHEAT) helps quantify human health and economic consequences for various scenarios posing significant risks to water supplies. WHEAT supplements expert risk assessment and analyzes two types of scenarios: The loss of one or more assets and the release of a stored hazardous gas.
By examining past incidents and planning for possible future scenarios, policymakers and emergency personnel can join consequence management teams and the general public in facing threats to municipal water supplies.
Steve Melito is an award-winning content developer specializing in manufacturing, material science and homeland security.