CISA Sounds the Alarm on Threats to Operational Technology

The fact sheet urges infrastructure entities to take action to improve their cybersecurity posture and offers a number of ways to mitigate the existing threats:

• Remove OT connections to the public internet
  • Sophisticated bad actors can find and exploit public-facing assets
• Change default passwords immediately and use strong, unique passwords
  • Default passwords are often available on the internet or easily guessable
• Secure any remote access to OT networks
  • If remote access is necessary, upgrade to a private network connection using a VPN and multifactor authentication
• Apply the principle of least privilege to each specific OT asset
  • Limit access to users who need access to each specific asset and limit each user’s rights to their specific scope of work
• Segment IT and OT networks
  • This will reduce the impact of a successful cyberattack
• Practice and maintain the ability to operate OT systems manually
  • Prepare for a cyber incident by gaming out reverting to manual controls to restore operations in the event of a cyberattack.

CISA also recommends that organizations that use third parties as a part of their OT infrastructure communicate with those third parties regularly on the above topics.

The CISA fact sheet links to a number of detailed resources to assist organizations with achieving the above.

Vinson & Elkins assists clients in identifying, managing, and mitigating cybersecurity and data privacy risks, from early planning and assessment to managing incident response and resulting litigation.