The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert regarding the continued exploitation of operational technology (OT) and industrial control systems (ICS) devices. These attacks, often targeting critical infrastructure sectors like water and wastewater systems, exploit vulnerabilities stemming from internet accessibility and lax security practices.
 
CISA highlights that threat actors are leveraging unsophisticated methods such as:
● Using default credentials
● Conducting brute-force attacks
 
To mitigate these threats, CISA urges OT/ICS operators to implement the recommendations outlined in “Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity”. The agency also emphasizes the importance of secure-by-design principles, directing organizations to their “Secure by Design” webpage for further guidance. Additionally, CISA provides resources on common threats, tactics, techniques, and procedures through its “Cross-Sector Cybersecurity Performance Goals”.
 
Splicecloud protects OT networks by providing deep security visibility through real-time data feeds processed by virtual or hardware probes. Splicecloud analyzes these feeds using machine learning models to identify anomalies and outliers in the OT network’s communication patterns. This is possible because OT networks typically have predictable communication patterns. Splicecloud can detect nodes and services, analyze behaviour, and identify outliers automatically. It also offers visualization of the OT network using its “Untangle” feature. Contact us today to book a demo where we demonstrate how we can keep hacktivists out of your plant network.