An official website of the United States government
Here's how you know
A .gov website belongs to an official government organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Press Release | May 1, 2024

Urgent Warning from Multiple Cybersecurity Organizations on Current Threat to OT Systems

FORT MEADE, Md. – Pro-Russia hacktivists are conducting malicious cyber activity against operational technology (OT) devices and critical infrastructure organizations are encouraged to implement mitigations, according to a Fact Sheet released today by the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Environmental Protection Agency (EPA), Department of Energy (DOE), United States Department of Agriculture (USDA), Multi-State Information Sharing and Analysis Center (MS-ISAC), the U.K. National Cyber Security Centre, and the Canadian Centre for Cyber Security.

According to the report, “Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity,” the hacktivists are compromising small-scale OT systems in North American and European Water and Wastewater Systems (WWS), dams, energy, and food and agriculture sectors.

Since 2022, the authoring organizations observed malicious activity and are releasing this joint guidance to share information and mitigations associated with the pro-Russia hacktivists’ recent cyber operations against OT. 

“This year we have observed pro-Russia hacktivists expand their targeting to include vulnerable North American and European industrial control systems,” said Dave Luber, NSA’s Director of Cybersecurity. “NSA highly recommends critical infrastructure organizations’ OT administrators implement the mitigations outlined in this report, especially changing any default passwords, to improve their cybersecurity posture and reduce their system’s vulnerability to this type of targeting.”

The recommendations in this report include hardening human machine interfaces, limiting exposure of OT systems to the internet, using strong and unique passwords, and implementing multifactor authentication for all access to the OT network.  These recommendations are helpful to counter any actors using these techniques. 
Read the full report here.
Visit our full library for more cybersecurity information and technical guidance.

NSA Media Relations