Expert Advise On NSA/CISA Alert on Foreign Hackers

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint advisory recommending Immediate Actions to Reduce Exposure Across all Operational Technologies and Control Systems.  The advisory warns of foreign cyber threat actors potentially targeting US critical infrastructure and provides “immediate steps to ensure resilience and safety of US systems should a time of crisis emerge in the near term.” It notes that “Legacy OT assets that were not designed to defend against malicious cyber activities, combined with readily available information that identifies OT assets connected via the Internet (e.g., Shodan1 [2], Kamerka [3]), are creating a “perfect storm” of 1) easy access to unsecured assets, 2) use of common, open-source information about devices, and 3) an extensive list of exploits deployable via common exploit frameworks…”