U.S. Agencies Warn of Cyberattacks on Energy Sector by Low-Level Threat Actors
The Cybersecurity and Infrastructure Security Agency (CISA), alongside the FBI, Environmental Protection Agency (EPA), and Department of Energy (DoE), has issued a joint alert warning of ongoing cyberattacks targeting industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems within the U.S. oil, natural gas, and transportation sectors.
These attacks, carried out by relatively unsophisticated cyber actors, are exploiting poor cybersecurity practices to gain access and potentially disrupt critical infrastructure operations. Despite using basic intrusion techniques, such as exploiting default configurations or weak passwords, the attackers can cause significant damage including website defacement, configuration tampering, operational disruptions, and in extreme cases, physical harm.
The agencies emphasize that poor cyber hygiene and exposed systems amplify the impact of otherwise simple attack methods. According to the advisory, misconfigurations often arise from standard operational practices, system integrators, managed service providers, or manufacturers' default settings.
To mitigate risks, asset owners and operators in critical infrastructure are urged to consult the guidance titled “Primary Mitigations to Reduce Cyber Threats to Operational Technology.” Key recommendations include:
- Removing operational technology (OT) systems from public internet access
- Changing default passwords and securing remote access with VPN and multi-factor authentication (MFA)
- Segmenting IT and OT networks
- Ensuring the ability to manually operate OT systems if needed
By strengthening foundational cybersecurity measures, organizations can better defend against even the most rudimentary cyber threats and protect essential services from avoidable disruptions.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
