The U.S. Cybersecurity and Infrastructure Security Agency recently published a fact sheet on defending industrial control systems and small-scale operational technology systems against ongoing pro-Russia hacktivist activity.
This activity has targeted several critical infrastructure sectors, including energy, water and wastewater systems, dams, and food and agriculture.
Criminal actors can be opportunistic, targeting critical infrastructure entities regardless of size to leverage security vulnerabilities that provide an entry point to interconnected critical systems.
Moreover, these activities demonstrate that pro-Russian adversaries understand the potential for operational impact through basic cyber intrusion vectors such as default passwords, reinforcing the critical importance of prioritizing cybersecurity.
The fact sheet, including mitigation recommendations, can be found here: https://www.cisa.gov/resources-tools/resources/defending-ot-operations-against-ongoing-pro-russia-hacktivist-activity