The Cybersecurity and Infrastructure Security Agency (CISA), in conjunction with the FBI, Department of Energy, and Environmental Protection Agency, has issued a warning regarding cyberattacks targeting Operational Technology (OT) and Industrial Control Systems (ICS) within the US oil and natural gas industry. The agencies have observed that many cybercriminals utilize basic intrusion techniques, which, when combined with poor cyber hygiene and unprotected assets, can result in significant operational disruptions and physical damage.
Gabrielle Hempel, a security operations strategist at Exabeam, noted the recurring issue of systemic negligence in addressing known vulnerabilities across the energy sector. “The energy sector often relies on legacy systems and lacks the resources or knowledge to effectively secure their infrastructure,” Hempel stated. This situation is exacerbated by the growing integration of IT and OT systems, which increases the complexity of securing these environments and makes traditional mitigation measures less effective.
CISA’s guidance includes a series of recommended actions to fortify defenses against potential threats. One critical measure involves disconnecting OT devices from the public internet to reduce exposure. Thomas Richards, an infrastructure security expert, emphasized that the specific motivations of malicious actors are irrelevant when sensitive systems lack proper protection. Recommendations also include using a private IP network for essential remote access and implementing strong multifactor authentication to secure access points.
In addition to these measures, organizations are urged to implement stronger password protocols, segment their IT and OT networks, and ensure the capability to revert to manual controls after any cyber incident. Trey Ford from Bugcrowd highlighted the significance of CISA’s warning, as it explicitly addresses threats from unsophisticated hacking activities. This reminder underscores the importance of maintaining fundamental cybersecurity practices to prevent severe system failures.