CISA Issues Alert On Cyberattacks Targeting Oil And Gas Infrastructure - 1

Photo by Zbynek Burival on Unsplash

CISA Issues Alert On Cyberattacks Targeting Oil And Gas Infrastructure

  • Written by Andrea Miliani Former Tech News Expert
  • Fact-Checked by Sarah Frazier Former Content Manager

The Cybersecurity and Infrastructure Security Agency of the United States (CISA) issued an alert on Tuesday, warning that cyber actors are targeting oil and natural gas infrastructure. While the techniques used are not advanced, the agency raises concerns over “poor cyber hygiene” within companies and organizations in the sector.

In a rush? Here are the quick facts:

  • CISA issued an alert warning about basic cyberattacks targeting oil and gas infrastructure.
  • The agency raised concerns over “poor cyber hygiene” within companies in the industry.
  • Owners and operators have been encouraged to review a document with mitigation recommendations and take action.

According to the alert , titled Unsophisticated Cyber Actor(s) Targeting Operational Technology , the malicious actors have been focusing on energy and transportation systems.

“Although these activities often include basic and elementary intrusion techniques, the presence of poor cyber hygiene and exposed assets can escalate these threats, leading to significant consequences such as defacement, configuration changes, operational disruptions, and, in severe cases, physical damage,” states the document.

CISA shared a fact sheet with guidelines on how to mitigate risks, Primary Mitigations to Reduce Cyber Threats to Operational Technology , and urged infrastructure owners and operators in the industry to read it and act to improve cybersecurity as soon as possible.

The document, issued by CISA, the FBI, EPA, and DOE, contains mitigation recommendations such as removing operational technology connections to the public internet, using strong, unique passwords, securing remote access, and maintaining manual controls operational.

As cyber threat actors continue targeting critical infrastructure entities and their operational technology, FBI, @CISAgov , and other partners have released a list of recommended actions to strengthen defenders’ cybersecurity posture against these threats: https://t.co/JjTWmqxSxI pic.twitter.com/XvvUp4lEwJ — FBI (@FBI) May 6, 2025

“Cyber threat actors use simple, repeatable, and scalable toolsets available to anyone with an internet browser,” reads the document regarding data accessible through the public internet. “Critical infrastructure entities should identify their public-facing assets and remove unintentional exposure.”

The governmental agencies also advise owners and operators to communicate with third-party system services providers about this alert, get guidance, and work together to safeguard operational technologies.

Although the threats are not serious, as they involve basic attacks using rudimentary technology, institutions remain alert to these and other threats. A few weeks ago, two chief architects behind CISA’s Secure by Design program resigned and urged companies to build safe products.

Reddit To Tighten User Verification System - 2

Photo by Brett Jordan on Unsplash

Reddit To Tighten User Verification System

  • Written by Andrea Miliani Former Tech News Expert
  • Fact-Checked by Sarah Frazier Former Content Manager

Reddit’s CEO, Steve Huffman, shared a post this Monday announcing that the platform will add new verification systems to ensure users are human. The decision was made just a few days after researchers deployed AI bots on the platform .

In a rush? Here are the quick facts:

  • Reddit’s CEO announced that they will introduce new user verification systems provided by third-party services.
  • The platform will require more data from users to prove they are not AI bots.
  • The decision comes just a few days after researchers deployed AI bots without permission and raised concerns among users.

In a post on Reddit , Huffman reflected on the company’s recent Q1 earnings and included a section addressing AI usage, its involvement on the platform, and Reddit’s response.

He acknowledged the power of the technology—particularly in areas like safety, moderation, translation, and summarization—but also noted its risks and the company’s concerns.

Huffman emphasized the elements that make Reddit unique, including its human community, user trust, and features that support anonymity.

“Unwelcome AI in communities is a serious concern. It is the worry I hear most often these days from users and mods alike,” wrote Huffman. “Reddit works because it’s human. It’s one of the few places online where real people share real opinions. That authenticity is what gives Reddit its value.”

The researchers were able to easily create fake accounts, as the platform requires very little information from users. Huffman noted that the freedom to tell stories and share personal experiences anonymously was one of the platform’s defining features—but added that Reddit will now begin requiring more information from users.

“To keep Reddit human and to meet evolving regulatory requirements, we are going to need a little more information,” added the CEO. “Specifically, we will need to know whether you are a human, and in some locations, if you are an adult. But we never want to know your name or who you are.”

Huffman explained that the new user verification systems will be provided in collaboration with “various third-party services,” focusing only on essential information.

During the past few months, Reddit has also been criticized for its lack of strong age verification systems to prevent children from accessing the platform and reaching sensitive content. The UK recently launched an investigation , and the Australian online safety regulator ESafety recently reported that children can easily bypass age verification systems —Reddit was among the platforms mentioned.