America’s top domestic cyber agency is sounding the alarm that hackers are targeting oil and gas infrastructure and taking advantage of poor security techniques.
The Cybersecurity and Infrastructure Security Agency said in a recent alert that cyberattackers are going after industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems.
“CISA is increasingly aware of unsophisticated cyber actor(s) targeting ICS/SCADA systems within U.S. critical Infrastructure sectors (Oil and Natural Gas), specifically in Energy and Transportation Systems,” the CISA alert said. “Although these activities often include basic and elementary intrusion techniques, the presence of poor cyber hygiene and exposed assets can escalate these threats, leading to significant consequences such as defacement, configuration changes, operational disruptions and, in severe cases, physical damage.”
CISA also published an advisory for mitigations to reduce cyberthreats to operational technology (OT) systems, which it authored with the FBI, the Department of Energy, and the Environmental Protection Agency.
OT systems generally involve the physical environment, such as the flow of fuel through a pipeline, whereas information technology (IT) systems more directly deal with things such as communications and data management.
The first step the federal agencies recommended is for digital defenders to sever operational technology connections to the public internet.
In 2021, ransomware attackers hit major US fuel supplier Colonial Pipeline. Hackers reportedly targeted the company’s IT networks and not its OT environment. The company, however, halted OT operations amid concerns about the hackers jumping the divide.
In 2025, the Trump administration’s new advisory urged cybersecurity professionals to segment IT and OT networks and introduce a “demilitarized zone for passing control data.” The federal agencies’ advisory said organizations should also practice and maintain the ability to operate OT systems manually.