In a recent announcement, the Ukrainian government revealed that it is once again preparing for “massive cyberattacks” that it fears Russian hackers will carry out on critical infrastructure facilities. They also shared their concern for institutions located in allied countries, including Poland and the Baltic States. The target at the top of the list is likely the energy sector considering past breaches of such systems in 2015 and 2016.
NSA AND CISA ADDRESS BUILDING ICS CYBERSECURITY RISK
The building anticipation of this threat has organizations like the CISA issuing guides on topics such as “indicators of compromise,” according to Security Week. Alongside NSA, the CISA has also detailed the 5-step approach that malicious actors typically take when looking to take control of ICS systems, which CSO outlines. The list includes establishing a target that best suits intent, collecting intelligence, putting together the proper techniques, gaining access and, ultimately, carrying out the method of attack.
Additionally, the joint advisory published measures that security professionals can implement in order to avoid having operations compromised even. With recommendations for each stage of the process provided above, best practices mentioned consist of actions like limiting system information exposure, locating and shielding points of remote access, restricting tools and scripts, conducting security audits and implementing a dynamic network environment. Importantly, Bleeping Computer points out that these procedures take into account the fact that not all operators have access to advanced cybersecurity resources.
Read more here.