NSA issued Advisory: Guidance to Stop Malicious Cyber Activity Against Connected Operational Technology
“While there are very real needs for connectivity and automating processes, operational technologies and control systems are inherently at risk when connected to enterprise IT systems”
In essence, the recommendations are as follows:
- Manage, encrypt and authenticate all remote access connections
- Add sensors and actively monitor all remote connections. Disconnect remote access until this is in place!
- Create an OT map, validate unknown assets and create baseline configurations
- Create a known OT communication baseline
- Create short-, medium- and long-term improvement plans
- Maintain offline “gold copy” baselines for OT networks and devices to enable recovery from a known good source.
PDF available here.
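The OT map and communication baseline items above can be checked mechanically once flows are recorded. The following is an added example, not taken from the advisory or the original post: it compares observed flows against a known baseline and an asset map, and reports hosts missing from the map, conversations outside the baseline, and baseline conversations that have gone quiet. The `src,dst,proto,dport` record format, the addresses and the asset names are all constructed for illustration.

```python
from collections import namedtuple

# A flow is identified by who talks to whom, over which protocol and port.
Flow = namedtuple("Flow", "src dst proto dport")

def parse_flows(lines):
    """Parse 'src,dst,proto,dport' records, skipping blanks and comments."""
    flows = set()
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        src, dst, proto, dport = (f.strip() for f in line.split(","))
        flows.add(Flow(src, dst, proto.lower(), int(dport)))
    return flows

def compare_to_baseline(asset_map, baseline, observed):
    """Return (unknown_assets, new_flows, silent_flows) for analyst review."""
    seen_hosts = {h for f in observed for h in (f.src, f.dst)}
    unknown_assets = sorted(seen_hosts - set(asset_map))  # not on the OT map
    new_flows = sorted(observed - baseline)               # outside the baseline
    silent_flows = sorted(baseline - observed)            # expected but absent
    return unknown_assets, new_flows, silent_flows

# Constructed sample data (private addresses, hypothetical asset names).
ASSET_MAP = {
    "10.10.1.5": "HMI-01",
    "10.10.1.20": "PLC-01",
    "10.10.1.21": "PLC-02",
    "10.10.1.50": "Historian",
}
BASELINE = parse_flows([
    "10.10.1.5,10.10.1.20,tcp,502",
    "10.10.1.5,10.10.1.21,tcp,502",
    "10.10.1.50,10.10.1.20,tcp,502",
])
OBSERVED = parse_flows([
    "10.10.1.5,10.10.1.20,TCP,502",
    "10.10.1.50,10.10.1.20,tcp,502",
    "10.10.1.50,10.10.1.21,tcp,44818",  # known assets, new conversation
    "10.10.1.99,10.10.1.20,tcp,502",    # host missing from the OT map
])

if __name__ == "__main__":
    unknown, new, silent = compare_to_baseline(ASSET_MAP, BASELINE, OBSERVED)
    print("Unknown assets:", unknown)
    for f in new:
        print("Not in baseline:", f)
    for f in silent:
        print("Baseline flow not seen:", f)
```

A flow from a host that is absent from the asset map shows up in both the unknown-asset list and the new-flow list, so the same record feeds asset validation and baseline review.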