NSA releases cybersecurity advisory on ensuring security of operational technology
The National Security Agency (NSA) released the Cybersecurity Advisory, “Stop Malicious Cyber Activity Against Connected Operational Technology” , for National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) operational technology (OT) owners and operators. The CSA details how to evaluate risks to systems and improve the security of connections between OT and enterprise networks. Information technology (IT) exploitation can serve as a pivot point for OT exploitation, so carefully evaluating the risk of connectivity between IT and OT systems is necessary to ensure unique cybersecurity requirements are met.
Each IT-OT connection increases the potential attack surface. To prevent dangerous results from OT exploitation, OT operators and IT system administrators should ensure only the most imperative IT-OT connections are allowed, and that these are hardened to the greatest extent possible. An example of this type of threat includes recent adversarial exploitation of IT management software and its supply chain in the SolarWinds compromise with publicly documented impacts to OT, including U.S. critical infrastructure.