“The motives of malicious actors are irrelevant; if an organization’s naked sensitive system is exposed to the Internet without being exposed to security hardening, they are at risk of compromise,” said Thomas Richards, director of security operations at Black Duck Infrastructure. “Many times, these systems provide remote connections to Internet access support teams and vendors, but this creates a major security risk without restricting who can access it and adding appropriate authentication controls.”
Regarding the topic of remote access to OT networks, CISA recommends that it is basic remote access, upgrading to a private IP network connection to remove these OT assets from the public Internet, or using Virtual Private Network (VPN) capabilities with strong drug-resistant MFA authentication may be helpful.
Additionally, organizations must document and configure remote access solutions to apply the principle of minimum privileges. “The recommendations to ensure these environments are not advanced security measures, but fundamental practices that should already exist,” Hemper notes.
