The National Security Agency (NSA) and Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint alert warning that, over recent months, hackers have been attempting to target Critical Infrastructure (CI) by exploiting Internet-accessible Operational Technology (OT) assets. The alert notes recently observed tactics from the hackers, including spear phishing and ransomware. The alert recommends that owners and operators of CI take immediate steps to ensure the safety of their systems. The alert recommends that owners and operators: (1) have a resilience plan for OT, (2) exercise an incident response plan, (3) harden their networks, (4) create an accurate “as-operated” OT network map, (5) understand and evaluate cyber-risk on “as-operated” OT assets, and (6) implement a continuous and vigilant system monitoring program.
View the Joint Alert