As the federal government contemplates how it approaches operational technology security measures, a "big opportunity" exists as infrastructure is upgraded or replaced.
The ransomware-as-a-service (RaaS) group has compromised organizations across the government, financial and food and agriculture sectors since November.
A newly introduced legislative package would require cyber incident reporting for critical infrastructure entities.
Researchers warn that a ransomware group's constant rebranding and its small size has allowed for it to fly under the radar.
Ransomware actors hist three wastewater facilities in the U.S. in the last few months, accessing SCADA devices and disrupting operations, CISA said.