Mitigation measures
• Require multi-factor authentication for remote access to OT and IT networks
• Enable strong spam filters to prevent phishing emails from reaching end-users
• Filter emails containing executable files from reaching end-users
• Implement a user training program and simulated attacks for spearphishing to discourage users from visiting malicious websites or opening malicious attachments and reinforce the appropriate user responses to spearphishing emails
• Filter network traffic to prohibit ingress and egress communications with known malicious IP addresses. Prevent users from accessing malicious websites by implementing URL blocklists and/or allowlists
• Update software, including operating systems, applications, and firmware on IT network assets, in a timely manner. Consider using a centralised patch management system; use a risk-based assessment strategy to determine which OT network assets and zones should participate in the patch management program.
• Limit access to resources over networks, especially by restricting RDP. After assessing risks, if RDP is deemed operationally necessary, restrict the originating sources and require multi-factor authentication.
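
One way to implement the executable-attachment filter from the list above, added here as an example and not part of the original article. The blocklist, the function names and the sample message are assumptions; the check looks at file signatures as well as names, and inspects ZIP members without unpacking them fully.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed blocklist for this sketch; tune to your own mail policy.
BLOCKED_EXT = (".exe", ".scr", ".dll", ".js", ".vbs", ".bat", ".ps1", ".hta", ".lnk")
MAGIC = {b"MZ": "PE executable", b"\x7fELF": "ELF executable"}

def check_file(name, head):
    """Return a reason if one file looks executable by name or signature."""
    if name.lower().endswith(BLOCKED_EXT):
        return f"{name}: blocked extension"
    for sig, kind in MAGIC.items():
        if head.startswith(sig):
            return f"{name}: {kind} signature"
    return None

def executable_attachments(raw):
    """Scan a raw RFC 5322 message; return the reasons to quarantine it."""
    msg = message_from_bytes(raw, policy=policy.default)
    reasons = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        hit = check_file(name, data[:8])
        if hit:
            reasons.append(hit)
        elif zipfile.is_zipfile(io.BytesIO(data)):
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for info in zf.infolist():
                    if info.flag_bits & 0x1:  # encrypted: cannot inspect, so flag it
                        reasons.append(f"{name} -> {info.filename}: encrypted member")
                        continue
                    with zf.open(info) as fh:  # read only the header, not the whole file
                        inner = check_file(info.filename, fh.read(8))
                    if inner:
                        reasons.append(f"{name} -> {inner}")
    return reasons

def sample_message(name, data):
    """Build a constructed test message with one attachment."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.com", "b@example.com", "invoice"
    m.set_content("see attached")
    m.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return m.as_bytes()
```

A non-empty result means the message should be quarantined; a renamed PE file such as `invoice.pdf` is caught by its `MZ` signature even though its extension is not on the blocklist.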
energydigital.com