Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity

CISA, in collaboration with the following organizations, co-authored this joint fact sheet:

  • Federal Bureau of Investigation (FBI)
  • National Security Agency (NSA)
  • Environmental Protection Agency (EPA)
  • Department of Energy (DOE)
  • United States Department of Agriculture (USDA)
  • Food and Drug Administration (FDA)
  • Multi-State Information Sharing and Analysis Center (MS-ISAC)
  • Canadian Centre for Cyber Security (CCCS)
  • United Kingdom’s National Cyber Security Centre (NCSC-UK)

This fact sheet provides information and mitigations associated with cyber operations conducted by pro-Russia hacktivists who seek to compromise industrial control systems (ICS) and small-scale operational technology (OT) systems in North American and European critical infrastructure sectors, including Water and Wastewater Systems, Dams, Energy, and Food and Agriculture Sectors.

The pro-Russia hacktivist activity appears mostly limited to unsophisticated techniques that manipulate ICS equipment to create nuisance effects. However, investigations have identified that these actors are capable of techniques that pose physical threats against insecure and misconfigured OT environments.

CISA and partners encourage OT operators in critical infrastructure sectors to apply the recommendations listed in the fact sheet to defend against this activity. To learn more about secure by design principles and practices, visit CISA's Secure by Design webpage. For more information and guidance on protection against the most common and impactful threats, tactics, techniques, and procedures, visit CISA’s Cross-Sector Cybersecurity Performance Goals.

Patrick Simon

President and Manager at Beehive Technology Solutions LLC Service-Disabled Veteran Owned Business (SDVOB) Federal and State Small Certified Business; Microsoft Partner Risk Digital Services

7 months

The cross-sector performance goals are traced to CSF, but this is incorrect. The goals as KPI (FEA2-FEAF) should trace to NIST GRC-RMF NIST 800-53 Rev 5 and NIST 800-37 Rev 2 as part of FISMA and Cir A-130 OMB. The White House Letter on Jul 25, 2024, updates ATO and FEDRAMP with OSCAL requirements, pointing to NIST RMF, not CSF, as the CISA and CPG Goals website incorrectly highlights. From the Jul 24, 2024, WH Letter for Agencies Section: 5) Continuously diagnose and mitigate against cyber threats and vulnerabilities associated with the usage of cloud service offerings; 6) Ensure that agency governance, risk, and compliance (GRC) tools and system inventory tools can produce, transmit, and ingest machine-readable authorization artifacts using OSCAL or any succeeding formats as identified by FedRAMP; 7) Provide data and information concerning how they are meeting relevant security metrics by OMB guidance; We can do better with the guidance from CISA. We are mitigating risk, not cyber.

Reply
Kris, Ho Kai Chun

HKHackerCloud Co-Founder & CEO | Grey Hat | HKCNSA | Global Hacker Project | Deepfake & Malware Project | Internal Attack and Social Engineering Research | Bug Bounty Hunter | Ethical Hacking Tools Development

9 months

Nice

Reply
Jeffrey Elep

Cybersecurity Analyst | Privileged Access Management | Threat Analysis | Risk Management | Incident Response | "..take your rest in security." - Job 11:18

10 months

Security in our cyber-world is everyone's responsibility! Security must be carried on into our homes and everywhere in between. It would be great to spend on educating the general public as was done in the 80s about seat belts or drugs... "This is your data... this is your data on the net... any questions?" :) The collaboration and effort to put this information together is awesome!! Count me in to share this post!

Reply
Têi Brown

Founder @ Vizuewl Dramatics | PhD, Philosophy of Cyber Operations

10 months

Thank you for highlighting this advisory on the cyber threats by pro-Russia hacktivists targeting operational technology (OT) systems in critical sectors like water, energy, and agriculture. The vulnerabilities identified, including the exploitation of default passwords and outdated VNC software, present significant risks. Immediate actions like changing default passwords, limiting internet exposure of OT systems, and implementing multifactor authentication are crucial. The recommendations provided are essential for strengthening security against these threats. Practices such as updating software, establishing allowlists, and integrating cybersecurity into all phases of OT management are vital. Resources and support from agencies like CISA underline a collaborative defense approach. Following these guidelines is essential for protecting critical infrastructure and ensuring collective security resilience.

The fact sheet emphasizes the importance of securing these systems and provides actionable recommendations for OT operators. It’s a call to action to strengthen defenses against cyber threats by adhering to secure by design principles and implementing cybersecurity best practices. The collaboration between such a wide array of agencies underscores the seriousness of the threat and the need for a unified response to protect critical infrastructure.
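The comment above points at two of the cheapest footholds in this activity: default passwords and outdated, internet-reachable VNC. A practitioner auditing OT assets wants a way to tell, from the first two server messages of a VNC handshake, whether a device will let anyone in without authenticating or will only accept the legacy password-only method. The following is an added example written for this page, not code from CISA, the fact sheet, or any commenter. It decodes the RFB ProtocolVersion banner and the server's security-type announcement as specified in the RFB protocol, flags the weak cases, and includes a small live probe for hosts you are authorised to test. The sample handshakes at the bottom are constructed, not captures from any real system, and the `probe` host and port are placeholders.

```python
"""Offline RFB (VNC) handshake triage for OT asset audits (added example)."""
from __future__ import annotations

import re
import socket
import struct

# 12-byte banner, e.g. b"RFB 003.008\n"; \Z forbids trailing junk.
RFB_BANNER = re.compile(rb"^RFB (\d{3})\.(\d{3})\n\Z")

# Security-type numbers assigned in the RFB specification.
SECURITY_TYPES = {
    0: "Invalid", 1: "None", 2: "VNC Authentication", 5: "RA2", 6: "RA2ne",
    16: "Tight", 18: "TLS", 19: "VeNCrypt", 30: "Apple ARD",
}


def parse_rfb_version(banner: bytes) -> tuple[int, int]:
    """Return (major, minor) from the server's ProtocolVersion banner."""
    m = RFB_BANNER.match(banner)
    if not m:
        raise ValueError(f"not an RFB banner: {banner!r}")
    return int(m.group(1)), int(m.group(2))


def parse_security_types(version: tuple[int, int], payload: bytes) -> list[int]:
    """Decode the server's security-type announcement.

    RFB 3.3: the server chooses one type and sends it as a 4-byte big-endian
    integer. RFB 3.7/3.8: a count byte followed by that many 1-byte types; a
    count of 0 means the connection was refused and a length-prefixed reason
    string follows.
    """
    major, minor = version
    if major != 3:
        raise ValueError(f"unsupported RFB major version {major}")
    if minor < 7:
        if len(payload) < 4:
            raise ValueError("truncated RFB 3.3 security-type field")
        return [struct.unpack(">I", payload[:4])[0]]
    if not payload:
        raise ValueError("truncated security-type list")
    count = payload[0]
    if count == 0:
        reason = "<no reason given>"
        if len(payload) >= 5:
            (reason_len,) = struct.unpack(">I", payload[1:5])
            reason = payload[5:5 + reason_len].decode("latin-1", "replace")
        raise ConnectionRefusedError(f"server refused: {reason}")
    types = list(payload[1:1 + count])
    if len(types) != count:
        raise ValueError("truncated security-type list")
    return types


def assess_handshake(banner: bytes, security_payload: bytes) -> dict:
    """Summarise what the server offers and why a defender should care."""
    version = parse_rfb_version(banner)
    types = parse_security_types(version, security_payload)
    findings = []
    if 1 in types:
        findings.append("no authentication offered (security type None)")
    if version < (3, 7):
        findings.append("legacy RFB 3.3 handshake: server picks one type, "
                        "client cannot negotiate a stronger one")
    if 2 in types and not any(t in (18, 19) for t in types):
        findings.append("password-only VNC Authentication with no TLS/VeNCrypt "
                        "option; its DES challenge uses at most 8 password bytes")
    return {
        "version": f"{version[0]}.{version[1]}",
        "security_types": [SECURITY_TYPES.get(t, f"unknown({t})") for t in types],
        "findings": findings,
        "risk": "high" if findings else "review",
    }


def probe(host: str, port: int = 5900, timeout: float = 3.0) -> dict:
    """Live version of the check; only for assets you are authorised to test."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        banner = s.recv(12)
        parse_rfb_version(banner)   # fail fast on non-VNC listeners
        s.sendall(banner)           # accept the server's version
        payload = s.recv(256)
    return assess_handshake(banner, payload)


# Constructed sample handshakes (not captures from any real system).
SAMPLES = {
    "open_hmi": (b"RFB 003.008\n", bytes([1, 1])),          # offers None only
    "password_only": (b"RFB 003.008\n", bytes([1, 2])),     # VNC Auth only
    "legacy_33": (b"RFB 003.003\n", struct.pack(">I", 2)),  # 3.3, VNC Auth
    "hardened": (b"RFB 003.008\n", bytes([2, 19, 2])),      # VeNCrypt offered
}

if __name__ == "__main__":
    for name, (banner, payload) in SAMPLES.items():
        print(name, assess_handshake(banner, payload))
```

Run it as-is to see the four constructed cases triaged; `probe("192.0.2.10")` (a placeholder address) performs the same check against a live listener. A "None" or password-only result on a device reachable from outside the plant network is exactly the condition the fact sheet's advice on default credentials, VNC and internet exposure is meant to remove; a VeNCrypt/TLS offer still needs a credential review but closes the no-auth and cleartext-challenge cases.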
