The Cybersecurity and Infrastructure Security Agency (CISA) released an alert this week warning of unsophisticated cyber actors increasingly targeting Industrial Control Systems (ICS) and SCADA environments within U.S. oil and natural gas infrastructure, specifically in Energy and Transportation Systems. While these cyber actors may lack sophistication, their activities pose serious risks in the case of poor cyber hygiene and exposed assets. As the alert notes, even basic intrusion techniques can lead to defacement, configuration changes, operational disruptions, and in severe cases, physical damage.
CISA’s official alert is available here.
CISA strongly urges review of their Primary Mitigations to Reduce Cyber Threats to Operational Technology, which outlines the following guidance:
CISA's alert points to observed activity targeting Oil & Natural Gas infrastructure, particularly Energy and Transportation systems. These sectors are not regulated as stringently for cybersecurity as electric utilities under NERC CIP and therefore may vary in levels of cybersecurity maturity.
For organizations needing to strengthen security best practices, solutions like Industrial Defender can help OT asset owners and operators close gaps in their cyber hygiene and bring the implementation of critical cybersecurity controls up to standard. Industrial Defender can bring visibility to the security risks outlined above—monitoring OT assets, ensuring secure configurations, addressing vulnerabilities, and increasing vigilance across OT environments for weaknesses and signs of intrusion. We echo CISA's call to improve cyber hygiene and are available to help asset owners understand their risk landscape and take proactive steps to secure it. Establishing these best practices is key to minimizing risk and safeguarding critical operations.