CISA and other agencies recommend key mitigations for critical infrastructure to reduce cyber threats targeting operational technology (OT) and industrial control systems (ICS):
- Remove OT connections to the internet.
- Change default passwords to strong, unique ones.
- Secure remote access with private network connections and strong authentication.
- Document and configure remote access solutions based on least privilege.
- Segment IT and OT networks.
- Maintain the capability to operate OT systems manually.
Organizations should collaborate with service providers to fix potential misconfigurations. Regular communication and established best practices are essential for enhancing cybersecurity posture.