The Critical Manufacturing Sector is at risk from increased cyber-attack surface areas and limited cybersecurity workforces related to the COVID-19 pandemic. These trends increase the vulnerability1 of the Critical Manufacturing Sector to the growing number of ransomware attacks aimed at private businesses by increasing attack surfaces and reducing protective abilities. To mitigate future threats, the Critical Manufacturing Sector should prioritize the management of risks.
CISA has identified potential operational vulnerabilities in Industrial Control Systems (the control systems that manage industrial processes) as a result of increased remote-based ICS management and industry adaptation to working conditions in the COVID-19 pandemic:
- expanded cyber-attack surfaces
- reduced network segmentation and securitization
- unauthorized access (both physical and online)
Operational adaptations to the pandemic (such as remote-work adoption) also increase the risks associated with identifying, authenticating, and securing accounts which are now more necessary than in work environments where physical access allows authentication. Managing cybersecurity risks in an ICS environment…
