Skip to main content
close search
site logo
Dive Brief

CISA, FBI warn of ‘unsophisticated’ hackers targeting industrial systems

Federal authorities, including the EPA and the U.S. Department of Energy, urged network defenders to secure remote access and use stronger passwords.

Published May 8, 2025
David Jones's headshot
Reporter
The Department of Energy (DOE) sign is seen at its headquarters, the James Forrestal Building, nicknamed the Little Pentagon, in Washington, DC.
The Department of Energy (DOE) sign is seen at its headquarters, the James Forrestal Building in Washington, DC. The department is one of several agencies issuing joint guidance to secure industrial systems from malicious cyber activity. hapabapa via Getty Images

Dive Brief:

  • The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday warned of unsophisticated threat actors targeting industrial control systems and operational technology environments in key critical infrastructure sectors. 
  • The guidance, co-authored by the U.S. Department of Energy and the Environmental Protection Agency, said the threat activity targeted critical infrastructure in the oil and gas industry and involved the energy and transportation sectors. 
  • The agencies urged security leaders to use better cyber hygiene and protect assets exposed to the internet.

Dive Insight:

While it is not clear what specific incidents led to the advisory, the guidance is similar to prior warnings in recent years about threat actors targeting drinking and wastewater treatment providers and small power companies

The agencies advised three major security improvements: 

  • Removing OT connections from the public internet, as exposed OT devices can easily be discovered through search engines that track open ports.
  • Immediately changing default passwords with strong, unique passwords that are hard to guess.
  • Securing remote access to OT networks, with users upgrading to a private IP network and adopting VPNs with strong passwords and phishing-resistant multifactor authentication.

“This advisory is really no different than what we have been saying for years: the basic state of cyber hygiene in OT environments is lacking, and building a good perimeter and defendable environments should be every asset owner's first priority,” Paul Shaver, Mandiant global practice lead for OT/ICS security, told Cybersecurity Dive.

Filed Under: Threats

Editors' picks

Company Announcements

View all | Post a press release
BrandShield Launches Resolve to Bring Enterprise-Grade Cybersecurity to Companies of Any Size
From BrandShield
April 28, 2025
CISOs Favor the Elimination of Regulations that Stall AI Innovation, but Warn that Policy Roll…
From Absolute Security
April 22, 2025
2025 Ultimate Guide to Free Bitcoin Mining: From JAMining Beginner to Financial Freedom
From JAmining
April 27, 2025
Onsite Mammography Data Breach Investigation
From Migliaccio & Rathod LLP
April 22, 2025
Editors' picks
Latest in Threats
Industry Dive is an Informa TechTarget business.
© 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.