Agencies urge critical infrastructure to act now to improve OT cybersecurity

CISA, the FBI, Environmental Protection Agency and Department of Energy are aware of cyber incidents affecting the operational technology (OT) and industrial control systems (ICS) of critical infrastructure entities in the United States, the agencies said in a new fact sheet on primary mitigations to reduce cyber threats to operational technology.

The authors urge critical infrastructure entities to review and act now to improve their cybersecurity posture against cyber threat activities specifically and intentionally targeting internet-connected OT and ICS.

This includes removing OT connections to the public internet. OT devices lack authentication and authorization methods that are resistant to modern threats and are quickly found by searching for open ports on public IP ranges with search engine tools to target victims with OT components.

Read more at CISA