CISA Releases Zero Trust Guidance for Securing OT Against Cyber Threats
Severity: High (Score: 76.8)
Sources: Infosecurity-Magazine, Industrialcyber.Co, Cybersecuritydive, Csoonline, Cybersecuritynews
Summary
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a new guide titled 'Adapting Zero Trust Principles to Operational Technology' to assist organizations in implementing zero trust architectures in operational technology (OT) environments. This guidance addresses the increasing cybersecurity risks associated with the convergence of IT and OT systems, emphasizing that traditional perimeter defenses are inadequate. The document outlines practical steps for enhancing asset visibility, identity and access management, and supply chain risk management. It highlights the need to assume adversaries may already be inside networks and to validate access requests based on identity and risk. The guidance is particularly relevant for sectors like power, water, and transportation, which are critical to national infrastructure. Threat actors, including state-sponsored groups like Volt Typhoon, have been targeting OT systems, exploiting vulnerabilities to gain access. The guide was developed in collaboration with several federal agencies, including the Departments of Defense and Energy, and the FBI. It stresses the importance of layered security measures and incident response planning to mitigate potential disruptions.
Key Points
- CISA's new guidance focuses on zero trust principles for operational technology security.
- The document addresses risks from the convergence of IT and OT systems, urging a shift away from implicit trust.
- Threat actors like Volt Typhoon are actively targeting OT environments, necessitating enhanced security measures.
Key Entities
- Volt Typhoon (apt_group)
- Botnet (attack_type)
- Malware (attack_type)
- Zero-day Exploit (attack_type)
- BlackEnergy (malware)
- CrashOverride (malware)
- T1003 - OS Credential Dumping (mitre_attack)
- T1021 - Remote Services (mitre_attack)
- T1047 - Windows Management Instrumentation (mitre_attack)
- T1059.001 - PowerShell (mitre_attack)
- Malcolm (platform)
- Versa Director (platform)
- Zeek (platform)
- PowerShell (tool)
- Versa Director Zero-day (vulnerability)