CISA Issues Alert On Cyberattacks Targeting Oil And Gas Infrastructure

The Cybersecurity and Infrastructure Security Agency of the United States (CISA) issued an alert on Tuesday, warning that cyber actors are targeting oil and natural gas infrastructure. While the techniques used are not advanced, the agency raises concerns over “poor cyber hygiene” within companies and organizations in the sector.

According to the alert, titled Unsophisticated Cyber Actor(s) Targeting Operational Technology, the malicious actors have been focusing on energy and transportation systems.

“Although these activities often include basic and elementary intrusion techniques, the presence of poor cyber hygiene and exposed assets can escalate these threats, leading to significant consequences such as defacement, configuration changes, operational disruptions, and, in severe cases, physical damage,” states the document.

CISA shared a fact sheet with guidelines on how to mitigate risks, Primary Mitigations to Reduce Cyber Threats to Operational Technology, and urged infrastructure owners and operators in the industry to read it and act to improve cybersecurity as soon as possible.

The document, issued by CISA, the FBI, EPA, and DOE, contains mitigation recommendations such as removing operational technology connections to the public internet, using strong, unique passwords, securing remote access, and maintaining manual controls operational.

As cyber threat actors continue targeting critical infrastructure entities and their operational technology, FBI, @CISAgov, and other partners have released a list of recommended actions to strengthen defenders’ cybersecurity posture against these threats: https://t.co/JjTWmqxSxI pic.twitter.com/XvvUp4lEwJ

— FBI (@FBI) May 6, 2025

“Cyber threat actors use simple, repeatable, and scalable toolsets available to anyone with an internet browser,” reads the document regarding data accessible through the public internet. “Critical infrastructure entities should identify their public-facing assets and remove unintentional exposure.”

The governmental agencies also advise owners and operators to communicate with third-party system services providers about this alert, get guidance, and work together to safeguard operational technologies.

Although the threats are not serious, as they involve basic attacks using rudimentary technology, institutions remain alert to these and other threats. A few weeks ago, two chief architects behind CISA’s Secure by Design program resigned and urged companies to build safe products.