CISA has published an analysis and infographic outlining the results from 143 Risk and Vulnerability Assessments (RVAs) conducted by both CISA and the US Coast Guard across various critical infrastructure sectors during fiscal year 2023 (FY23). These documents provide several detailed mitigations and remediation measures to help protect against the most commonly observed threat actor tactics.

The analysis presents a sample attack path, outlining the strategies and procedures a cyber threat actor might use to infiltrate an organization that exhibits vulnerabilities similar to those identified in the FY23 RVAs. The accompanying infographic showcases the most effective techniques for each tactic documented in the RVAs. Together, both the analysis and the infographic align threat actor behavior with the MITRE ATT&CK® framework.

Many of these threat actor tactics are highly prevalent to the water sector, particularly Lateral Movement which has been observed being used by Volt Typhoon to breach a water utility and is mentioned in the analysis (page 17). Members are encouraged to review both the analysis and infographic, and to apply the recommended mitigations. For more information, access CISA.