The United States has issued a warning about hackers trying to break into ICS/SCADA

On Tuesday, U.S. government agencies, including CISA, the FBI, the EPA, and the DoE, warned about cyberattacks on the nation's oil and natural gas sector. These attacks use simple hacking methods, but because many crucial infrastructure companies have poor cybersecurity, they could suffer major problems, including physical damage.

CISA has noticed a rise in unsophisticated hackers trying to breach systems controlling critical sectors like energy and transportation in the U.S. These hackers might be political groups known as hacktivists. They often target systems that are connected to the internet without proper security or rely on easy-to-guess passwords.

Although hackers often exaggerate their potential, experts caution that these attacks can be serious. The CISA, FBI, EPA, and DoE alert advises critical infrastructure companies to improve their cybersecurity immediately. They should prepare for threats aimed at systems connected to the internet, especially those used for operational technology (OT) and industrial control systems (ICS).

For protection, companies should make sure their OT systems are not accessible online and secure remote access with VPNs, strong passwords, and multi-factor authentication that resists phishing attempts. They should also identify and change any default passwords without delay and use separate networks for critical systems. Additionally, they need to be able to control OT systems manually if necessary.

Companies are also advised to collaborate with other organizations to spot and fix any configuration errors that may arise during normal operations or from setups by manufacturers and service providers. Regular communication with these providers can offer valuable advice for securing systems. They should follow CISA's guidelines to reduce attack risks, such as enhancing network security and adopting better security practices.