“The motivation of the malicious actors is irrelevant; if a company’s uncovered delicate techniques are uncovered to the web with no safety hardening, they’re vulnerable to a compromise,” stated Thomas Richards, infrastructure safety apply director at Black Duck. “Many occasions, these techniques are supplied with web entry for distant connectivity from assist groups and distributors, however this creates a significant safety danger with out proscribing who can entry it and including correct authentication controls.”
With reference to distant entry to OT networks, CISA really useful that for important distant entry, upgrading to a non-public IP community connection to take away these OT property from the general public web or utilizing a digital non-public community (VPN) performance with a powerful, phishing-resistant MFA authentication would possibly assist.
Moreover, organizations should doc and configure distant entry options to use rules of least privilege. “The suggestions to safe these environments aren’t superior safety measures, they’re foundational practices that ought to already be in place,” Hempel famous.
