Agencies Urge Infrastructure Operators to Bolster Cybersecurity Amid OT Attacks
The Cybersecurity and Infrastructure Security Agency (CISA), FBI, Department of Energy (DOE), and Environmental Protection Agency (EPA) have joined forces to issue crucial new guidance. They urge infrastructure operators to bolster cybersecurity measures, as a wave of cyber incidents is impacting operational technology (OT) and industrial control systems (ICS) in the US.
These attacks, often carried out by unsophisticated actors, are exploiting OT systems connected to the public internet. Such systems frequently lack modern security controls, leaving them vulnerable. The consequences have been severe, with operational disruptions and even physical damage reported.
To strengthen cybersecurity, the agencies recommend implementing industry standard frameworks for cybersecurity controls and strict review processes. They advise asset owners and operators to disconnect OT systems from the public internet, secure remote access, segment IT and OT networks, and maintain manual operation abilities. This will help reduce exposure and improve defences against these intrusions.
The new guidance highlights the need for robust cybersecurity governance and audits. Default passwords, misconfigured systems, and unsecured remote access have been identified as key vulnerabilities. By following the recommended measures, infrastructure operators can enhance their cybersecurity posture and protect critical infrastructure from cyber threats.
Read also:
- MIH Consortium Chooses BlackBerry for Next-Gen EV Platform
- Aquatech purchases Koch's Direct Lithium Extraction business, merging Li-ProTM DLE technology into the PEARLTM Technology Platform.
- Li Auto faces scrutiny after crash test involving i8 model and a truck manufacturer sparks controversy
- Emerging Investment Trends in China's Ethical Finance Sector for 2025
