Russian Government cyber actors compromised US energy networks, conducting network reconnaissance and lateral movement, and collected information pertaining to industrial control systems, according to a Cybersecurity and Infrastructure Security Agency (CISA) alert.
- WaterISAC, DHS, and U.S. EPA
Cybersecurity Recommendations for Critical Infrastructure
Global Events Are Threatening Operational Network Security
WaterISAC, DHS, and USEPA recommend SWIFT action in preparing for potential backlash from possible economic sanctions in response to a Russian invasion of Ukraine. Traditional tools, like ethernet radios with public facing IPs, web-based remote desktop access, or manually configured IT networks leave critical water systems vulnerable.
What Can You Do?
Recommended Steps to Protect Your Operational Infrastructure
As part of a proactive cyber posture, WaterISAC and USEPA, in conjunction with CISA/FBI/NSA, recommend:
Step 1: Secure all IP nodes behind an internet invisible firewall
Step 2: Segment operational and IT networks to prevent lateral traversing in the case of an intrusion
Step 3: Distribute all access control through physical first, multi-factor authentication
Step 4: Institute logging to audit who has accessed what and when
Step 5: Backup operational data to minimize downtime in the case of a destructive breach
How Tosibox Can Help
TOSIBOX Is Your Dedicated Operational Network Platform:
Step 1: Secure - Automated setup of your firewall, network, cloud connection and user access control removes human error and ensures complete cybersecurity
Step 2: Segment - Internet invisible without any static/public IPs or DNS servers, Tosibox is purpose built to support and segment your OT network.
Step 3: Access Control - Tosibox requires Physical First, MFA, allowing only trusted users to access your network
Step 4: Audit Logging - Tosibox central platform provides detailed audit logs of who access what and when.
Step 5: Backup - Your data is backed up, encrypted at rest, and ready for same day disaster recovery
For more information, or to set up a time to talk with a TOSIBOX OT specialist, click the contact us link at the bottom of this page.
