Stronger passwords, segmentation, and manual operations are advised: CISA cited past analysis to emphasize that targeted systems use default or easily guessable (using open-source tools) passwords. Changing default passwords for strong and unique ones is important for public-facing internet devices that have the capability to control OT systems or processes, it added in the advisory.Segmenting IT and OT networks was also advised. “As OT becomes more integrated with IT systems, it presents more opportunities for attackers,” Nathaniel Jones, vice president of Threat Research at Darktrace, told CSO in a comment. “OT security is strongest when supported by robust IT security, requiring coordination between IT and OT teams to defend the entire network.”Additionally, CISA highlighted that the capability for organizations to revert to manual controls to quickly restore operations is vital in the immediate aftermath of an incident.The advisory is particularly noteworthy as CISA generally doesn’t sound the alarm on elementary hacks of this scale. “The fact that CISA has a need to report on the activities of an unsophisticated threat activity is noteworthy,” said Trey Ford, chief information security officer at Bugcrowd. “Their issuing an intelligence product focusing on hygienic cybersecurity foundations like this is a reminderall security programs are on a journey, and failure in these seemingly obvious controls leads to certain failure and compromise.” Earlier this year, the US security watchdog warned of critical, high-risk flaws in ICS products from four leading industrial vendors.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/3981193/cisa-warns-of-cyberattacks-targeting-the-us-oil-and-gas-infrastructure.html
