CyberX offers deep dive into ICS-specific attacker tactics and how to detect them
“MITRE ATT&CK for ICS: A Technical Deep Dive”
Boards and management teams are increasingly concerned about the potential business impact of cyberattacks on their operational technology (OT) and industrial control systems (ICS), including costly production outages, safety and environmental incidents, and theft of sensitive intellectual property.
To help network defenders detect and respond faster to these attacks, MITRE recently released MITRE ATT&CK for ICS, a standard framework for understanding the diverse tactics that adversaries use to compromise and pivot through ICS networks.
Unlike MITRE’s ATT&CK for Enterprise framework, which was developed for corporate IT networks, ATT&CK for ICS focuses on adversaries whose primary goal is to compromise OT networks.
The IoT/OT Security Challenge
As digitalization and Industry 4.0 drive the deployment of billions of new IoT/OT devices, along with pervasive connectivity between IT and OT networks, they’re also increasing the attack surface by a factor of three compared to just a few years ago.
These IoT devices don’t support agents and are often unpatched, unmanaged, and invisible to IT teams – making them soft targets for adversaries seeking to disrupt production facilities and/or gain access to corporate networks.
To make matters worse, most of the legacy OT devices and protocols deployed in ICS environments were developed decades ago and are insecure by design, lacking modern controls such as strong authentication, encryption, and hardened software stacks.
Led by Joe DiPietro, VP of Customer Success at CyberX, the webinar will cover the following topics:
- The 11 classes of tactics described in MITRE ATT&CK for ICS
- How to use the framework to improve your ICS security posture
- How real-world ICS attacks are detected by CyberX’s agentless IoT/OT security platform