NSA Reveals
Two of the US government’s top security agencies have released a detailed new report outlining the steps owners of operational technology (OT) and industrial control systems (ICS) can take to secure critical infrastructure.
These assets are increasingly a target for APT groups keen to achieve political and economic advantage. Many attacks are designed for data theft or reconnaissance, but occasionally threat actors aim for something more destructive.
The NSA and Cybersecurity and Infrastructure Security Agency (CISA) are hoping that the mitigations outlined in their report, Control System Defense: Know the Opponent, will help OT managers prevent malicious actors from achieving their aims.
“Traditional ICS assets are difficult to secure due to their design for maximum availability and safety, coupled with their use of decades-old systems that often lack any recent security updates,” the report explained.
“Newer ICS assets may be able to be configured more securely, but often have an increased attack surface due to incorporating Internet or IT network connectivity to facilitate remote control and operations. The net effect of the convergence of IT and OT platforms has increased the risk of cyber-exploitation of control systems.”
The report lists five key mitigations:
- Limit exposure of system information in public forums to disrupt the early intelligence-gathering phase of the cyber kill chain
- Identify and secure remote access points to reduce the attack surface
- Limit access to network and control system application tools and scripts to legitimate users performing legitimate tasks on the control system
- Conduct regular independent security audits, especially of third-party vendor access points and systems
- Implement a dynamic network environment to limit the opportunities for intelligence-gathering, long-term access and bespoke tool development that static networks afford
“Owners and operators of these systems need to fully understand the threats coming from state-sponsored actors and cyber-criminals to best defend against them,” said Michael Dransfield, NSA control systems defense expert.
“We’re exposing the malicious actors’ playbook so that we can harden our systems and prevent their next attempt.”