CISA and USCG Identify Areas for Cyber Hygiene Improvement After Conducting Proactive Threat Hunt at US Critical Infrastructure Organization

CISA and USCG conducted a proactive hunt at a critical infrastructure organization and, while finding no active intrusion, identified high-risk security issues—shared plaintext local admin credentials across many workstations, poor IT/OT segmentation allowing standard users access to SCADA VLANs, insufficient logging/retention, and misconfigured server settings—and provided prioritized mitigations and MITRE ATT&CK mappings to remediate these weaknesses and improve detection.