At the moment, the critical infrastructure is on high alert, and systems administrators are working rapidly to ensure the security of their systems. In the wake of this warning, WaterISAC and U.S. EPA, in conjunction with the CISA, FBI, and NSA, have released a list of recommendations for protecting critical network infrastructure.
While these recommendations are directed towards water and wastewater, they are good practice for anybody operating with a connected system.
The recommendations are as follows.
1. Require strong, unique passwords – While this seems obvious and easy to implement, stolen passwords with web-based authentication were the most exploited cyber-vulnerability in 2021, and this seems likely to continue into 2022.
2. Implement multi-factor authentication – This step significantly reduces system vulnerabilities. Implementing a physical component as part of the authentication process eliminates nearly all possibility for unwanted cyber-intrusion.
3. Address known exploited vulnerabilities – This includes IT/OT segmentation and eliminating any static, public facing IP addresses or open ports that provide a direct attack vector to critical systems.
4. Surge support – Enable operators to securely access systems remotely for rapid response in the case of a cyber incident.
5. Network/systems awareness – Monitor networks for unusual activity AND provide an auditable log of all network access.
6. Backup data – The backup should be stored separate from the network, and it should be rapidly accessible to minimize downtime in the case of a malicious event.
Regarding a cyber-attack, the question is not if, it’s when. Critical infrastructure is on high alert, and systems administrators are working rapidly to ensure the security of their systems. Manufacturers should follow suit.
All networks are critical, regardless of their function. Luckily, securing your network infrastructure does not require a cybersecurity expert with the automated, OT cybersecurity platform from Tosibox. With access control through physical first, multi-factor authentication, automatic network segmentation, point-to-point encrypted VPN tunnels, internet invisible infrastructure, and an automatic connection to any cloud or server for data backup, Tosibox is the OT choice for securing critical infrastructure.
If you are wondering how to secure your critical infrastructure – contact us for discussion.