The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) warned that threat actors were targeting industrial control systems and operational technology infrastructure in the country. The FBI and CISA strongly urged companies to bolster their cybersecurity protections to prevent any attacks or disruptions. The threat, according to both agencies, was against the oil and gas industries and energy and transportation.

“The authoring organizations recommend that critical infrastructure organizations regularly communicate with their third-party managed service providers, system integrators, and system manufacturers who may be able to provide system-specific configuration guidance as they work to secure their (operational technology),” CISA said in a press release.

CISA outlined several steps companies can take to mitigate any disruptions.

The first one is to remove operational technology from public internet connections. These connections are more vulnerable to an attack than an internal system.

“Cyber threat actors use simple, repeatable, and scalable toolsets available to anyone with an internet browser,” CISA said. “Critical infrastructure entities should identify their public-facing assets and remove unintentional exposure.”

Another key element is to change all default passwords and replace them with strong passwords that aren’t easily decoded. This includes creating passwords that have numbers, symbols, and random characters, which is much harder to crack.

“Recent analysis of this cyber activity indicates that targeted systems use default or easily guessable (using open source tools) passwords,” CISA said. Changing default passwords is especially important for public-facing internet devices that have the capability to control OT systems or processes.”

CISA also recommends to allow your system to operate manually. This way, if a system is compromised, a company can default to controlling it manually and avert further damage.

“Business continuity and disaster recovery plans, fail-safe mechanisms, islanding capabilities, software backups, and standby systems should all be routinely tested to ensure safe manual operations in the event of an incident,” CISA said.