Top U.S. government cyber agencies on Thursday highlighted the willingness of malicious cyber actors to attack internet-connected operational technology (OT) that is critical to the performance of defense and national security systems and recommended that organizations take steps to harden their networks and ensure resiliency plans are in place.
The joint advisory doesn't cite a specific threat but warns the Defense Department, the defense industrial base (DIB), owners and operators of national security systems (NSS), and critical infrastructure facilities to take actions now in case of a sudden crisis.
"At this time of heightened tensions, it is critical that asset owners and operators of critical infrastructure take the following immediate steps to ensure resilience and safety of U.S. systems should a time of crisis emerge in the near term," says the joint advisory by the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA). "The NSA along with CISA recommend that all DoD, NSS, DIB and U.S. critical infrastructure facilities take immediate actions to secure their OT assets."
OT systems are the technologies that control industrial and critical infrastructure functions such as dam gates, building systems, energy and transportation systems.
Threats include the loss of availability of an OT system, loss of view for human operators, manipulation of systems by adversaries, and loss or productivity and revenue.
The agencies say that recent attack tactics include spearphishing, commodity ransomware, connecting to operational controls that don't require authentication for initial access, use of vendor engineering software and program downloads, and other methods.
Immediate actions prescribed in the joint advisory for owners and operators of OT systems include making sure resiliency plans are in place, exercising incident response plans, hardening networks, having an OT network map and cyber risks to systems, and monitoring their networks.
"Operational technology assets are pervasive and underpin many essential national security functions, as well as the defense industrial base," Anne Neuberger, director of NSA's Cybersecurity Directorate, said in a statement. "We encourage all stakeholders to apply our joint recommendations with DHS CISA."