“The inspiration of malicious actors is irrelevant, if the exposed sensitive systems of an organization are exposed with no safety on the internet,” said Thomas Richards said, “infrastructure security practice director Thomas Richards said. Thomas Richards said. “Many times, these systems are provided with internet access for remote connectivity from support teams and vendors, but it pose a major safety risk that can combine it without restricting and appropriate authentication controls.”
On the subject of remote access to the OT network, CISA recommended that for the necessary remote access, upgrade a private IP network connection to remove these OT assets from the public internet or upgrade a virtual private network (VPN) with a strong, phishing-resistant MFA authentication may help using.
Additionally, organizations must document and configure remote access solutions to apply the principles of minimal privileges. “Recommendations to secure these environment are not advanced safety measures, they are basic practices that should already be,” Hempel said.
