NSA Reveals
Two of the US government’s top security agencies have released a detailed new report outlining the steps owners of operational technology (OT) and industrial control systems (ICS) can take to secure critical infrastructure.
These assets are increasingly a target for APT groups keen to achieve political and economic advantage. Many attacks are designed for data theft or reconnaissance, but occasionally threat actors aim for something more destructive.
The NSA and Cybersecurity and Infrastructure Security Agency (CISA) are hoping that the mitigations outlined in their report, Control System Defense: Know the Opponent, will help OT managers prevent malicious actors from achieving their aims.
“Traditional ICS assets are difficult to secure due to their design for maximum availability and safety, coupled with their use of decades-old systems that often lack any recent security updates,” the report explained.
“Newer ICS assets may be able to be configured more securely, but often have an increased attack surface due to incorporating Internet or IT network connectivity to facilitate remote control and operations. The net effect of the convergence of IT and OT platforms has increased the risk of cyber-exploitation of control systems.”
The report lists five key mitigations:
- Limit exposure of system information in public forums to disrupt the early intelligence-gathering phase of the cyber kill chain
- Identify and secure remote access points to reduce the attack surface
- Limit access to network and control system application tools and scripts to legitimate users performing legitimate tasks on the control system
- Conduct regular independent security audits, especially of third-party vendor access points and systems
- Implement a dynamic network environment to limit the opportunities for intelligence-gathering, long-term access and bespoke tool development that static networks afford
“Owners and operators of these systems need to fully understand the threats coming from state-sponsored actors and cyber-criminals to best defend against them,” said Michael Dransfield, NSA control systems defense expert.
“We’re exposing the malicious actors’ playbook so that we can harden our systems and prevent their next attempt.”