NSA, cybersecurity partners issue urgent OT threat warning
Pro-Russia hacktivists are conducting malicious cyber activity against operational technology (OT) devices and critical infrastructure organizations are encouraged to implement mitigations, according to a Fact Sheet released on May 1 by the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Environmental Protection Agency (EPA), Department of Energy (DOE), United States Department of Agriculture (USDA), Multi-State Information Sharing and Analysis Center (MS-ISAC), the U.K. National Cyber Security Centre, and the Canadian Centre for Cyber Security.
According to the report, “Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity,” the hacktivists are compromising small-scale OT systems in North American and European Water and Wastewater Systems (WWS), dams, energy, and food and agriculture sectors.
Since 2022, the authoring organizations observed malicious activity and are releasing this joint guidance to share information and mitigations associated with the pro-Russia hacktivists’ recent cyber operations against OT.
“This year we have observed pro-Russia hacktivists expand their targeting to include vulnerable North American and European industrial control systems,” said Dave Luber, NSA’s director of cybersecurity. “NSA highly recommends critical infrastructure organizations’ OT administrators implement the mitigations outlined in this report, especially changing any default passwords, to improve their cybersecurity posture and reduce their system’s vulnerability to this type of targeting.”
The recommendations in this report include hardening human machine interfaces, limiting exposure of OT systems to the internet, using strong and unique passwords, and implementing multifactor authentication for all access to the OT network. These recommendations are helpful to counter any actors using these techniques.
Source: NSA
Stay in the know with breaking news from across the IC and IC contracting landscape by becoming a paid subscriber to IC News. Your support makes our work possible.