WASHINGTON, DC – The National Security Agency and CISA have released guidance on how to secure operational technology and industrial control systems that are part of US critical infrastructure.
The joint advisory shares information on all the steps attackers use to compromise IT-enabled OT and ICS assets, which provide a large attack surface, and highlights steps security professionals can take to protect against them.
“Cyber actors, including Advanced Persistent Threat Teams (APTs), have in recent years targeted OT/ICS systems for political gain, economic advantage, and potentially to perform devastating effects. “They have recently developed tools to scan, hack, and monitor targeted OT devices,” the NSA reported. said.
The advisory also “notes the growing threats to OT and ICS assets that manage, monitor and control day-to-day critical infrastructure and industrial processes. OT/ICS designs are publicly available, as are many tools for using IT and OT systems.’
In today’s recommendation [PDF]you can find detailed information on how to block attacks by threat actors at every stage, including attempts to gather operational information, gain initial access, or deploy and execute malicious tools on compromised critical infrastructure systems.
To read more, click on BleepingComputer