US Federal Agencies Alert on “Unsophisticated” OT Cyber-Threats


A wave of cyber incidents affecting operational technology (OT) and industrial control systems (ICS) in US critical infrastructure sectors has prompted a renewed call for action from federal agencies.

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the FBI, Department of Energy (DOE) and Environmental Protection Agency (EPA), has issued new guidance urging infrastructure operators to immediately strengthen their cybersecurity posture.

The advisory highlights an increase in attempts by unsophisticated cyber actors to exploit OT systems connected to the public internet.

These systems, common in sectors like energy and transportation, often lack modern security controls and remain vulnerable to basic intrusion techniques.

Despite their simplicity, these attacks have resulted in configuration changes, operational disruptions and even physical damage in some cases.

“The motivation of the malicious actors is irrelevant,” said Thomas Richards, infrastructure security practice director at Black Duck.

“If an organization’s sensitive systems are exposed to the internet with no security hardening, they are at risk of a compromise.”


According to the authoring organizations, these intrusions are enabled by common cyber-hygiene failures, including default passwords, misconfigured systems and unsecured remote access.

“Many times, these systems are provided internet access for remote connectivity from support teams and vendors, but this creates a major security risk without restricting who can access it and adding proper authentication controls,” Richards added.

To reduce exposure and improve defenses, asset owners and operators are urged to take the following steps:

  • Disconnect OT systems from the public internet to remove that attack surface entirely
  • Replace default credentials with strong, unique passwords
  • Secure remote access using VPNs, private IP connections and phishing-resistant multi-factor authentication (MFA)
  • Segment IT and OT networks so that a compromised IT host cannot reach critical control systems
  • Maintain the ability to operate OT systems manually in the event of an incident
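The first four of those steps can be checked mechanically against a firewall policy and an asset inventory. The script below is an added illustration, not code from CISA or from the article: it takes a constructed list of allow/deny rules and a constructed asset list (the hostnames, subnets and port table are assumptions made for the example) and reports allow rules that expose an OT subnet to non-RFC1918 sources, allow rules that let an IT subnet reach OT on any port, assets still running default credentials, and remote access that is not behind a VPN with MFA. It is order-insensitive, so it flags any matching allow rule even if an earlier deny would shadow it; that is deliberately conservative for an audit.

```python
"""Audit a firewall ruleset and asset inventory for the hygiene failures the
advisory lists: internet-exposed OT, flat IT/OT networks, default credentials
and remote access without MFA.  Added example with constructed data."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Common ICS protocol ports; an allow rule on "any port" is treated as worse
# than a rule scoped to one of these.
ICS_PORTS = {102: "S7comm", 502: "Modbus/TCP", 4840: "OPC UA",
             20000: "DNP3", 44818: "EtherNet/IP"}
PRIVATE_RANGES = [ipaddress.ip_network(n)
                  for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # CIDR source
    dst: str               # CIDR destination
    dport: Optional[int]   # None means any TCP port


@dataclass(frozen=True)
class Asset:
    name: str
    ip: str
    zone: str                     # "IT" or "OT"
    default_creds: bool           # still on vendor default password?
    remote_access: Optional[str]  # e.g. "vpn+mfa", "vendor-portal", None


def is_private(net: ipaddress.IPv4Network) -> bool:
    """True only if the whole network sits inside an RFC 1918 range."""
    return any(net.subnet_of(p) for p in PRIVATE_RANGES)


def audit(rules: List[Rule], assets: List[Asset],
          ot_zone: str, it_zone: str) -> List[Tuple[str, str]]:
    """Return (category, detail) findings.  Order-insensitive: every allow
    rule is inspected even if an earlier deny would shadow it."""
    findings = []
    ot = ipaddress.ip_network(ot_zone)
    it = ipaddress.ip_network(it_zone)

    for r in rules:
        if r.action != "allow":
            continue
        src = ipaddress.ip_network(r.src)
        dst = ipaddress.ip_network(r.dst)
        if not dst.overlaps(ot):
            continue                        # rule does not touch OT
        service = ICS_PORTS.get(
            r.dport, "any" if r.dport is None else f"tcp/{r.dport}")
        if not is_private(src):
            # Any non-RFC1918 source reaching OT is "connected to the internet".
            findings.append(("internet-exposed-ot",
                             f"{r.src} -> {r.dst} {service}"))
        elif src.overlaps(it) and r.dport is None:
            # IT may need a few brokered ports into OT; "any port" is a flat network.
            findings.append(("flat-it-ot", f"{r.src} -> {r.dst} any port"))

    for a in assets:
        if a.default_creds:
            findings.append(("default-credentials", a.name))
        if a.remote_access and a.remote_access != "vpn+mfa":
            findings.append(("remote-access-without-mfa",
                             f"{a.name} via {a.remote_access}"))
    return findings


# Constructed sample policy and inventory (hypothetical subnets and hosts).
SAMPLE_RULES = [
    Rule("allow", "0.0.0.0/0",      "192.168.50.0/24",  502),   # Modbus from anywhere
    Rule("allow", "203.0.113.0/24", "192.168.50.10/32", None),  # vendor range, any port
    Rule("allow", "10.10.0.0/16",   "192.168.50.0/24",  None),  # whole IT zone, any port
    Rule("allow", "10.10.5.0/24",   "192.168.50.0/24",  4840),  # scoped OPC UA: acceptable
    Rule("deny",  "0.0.0.0/0",      "192.168.50.0/24",  None),  # ignored: not an allow
]
SAMPLE_ASSETS = [
    Asset("plc-01",   "192.168.50.10", "OT", True,  "vendor-portal"),
    Asset("hmi-01",   "192.168.50.20", "OT", False, "vpn+mfa"),
    Asset("file-srv", "10.10.5.4",     "IT", False, None),
]


def sample_findings() -> List[Tuple[str, str]]:
    return audit(SAMPLE_RULES, SAMPLE_ASSETS,
                 ot_zone="192.168.50.0/24", it_zone="10.10.0.0/16")


if __name__ == "__main__":
    for category, detail in sample_findings():
        print(f"{category:28} {detail}")
```

On the constructed data the audit reports two internet-exposed OT rules, one flat IT-to-OT rule, one default-credential asset and one remote-access path without MFA; the port-scoped OPC UA rule from a single IT subnet passes, which is the shape a brokered IT/OT connection should take.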

“This issue also shows that these organizations don’t have proper cybersecurity governance or reviews,” Richards said.

“As every business is a software business, these organizations should look at industry standard frameworks for cybersecurity controls and implement a strict review process.”
