Feds Sound Alarm on Rising OT/ICS Threats From APT Groups
NSA and CISA release guidance on protecting against cybersecurity threats to operational technology and industrial control systems.
The National Security Administration (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) are warning that there are active, known threats to industrial control systems (ICS) and operational technology (OT) that critical infrastructure sectors should be aware of.
In particular, the report, "Control Systems Defense: Know the Opponent," warns about the rise in attacks against utilities and industrial targets from advanced persistent threat (APT) groups and gathers insights into the tactics, techniques, and procedures (TTPs) of common threats to ICS and OT systems to help security teams shore up their defenses. For instance, APTs have recently begin developing tools specifically for scanning, compromising, and controlling targeted OT devices, according to the feds.
"State-sponsored APT actors target critical infrastructure for political and/or military objectives, such as destabilizing political or economic landscapes or causing psychological or social impacts on a population," according to the alert, issued Sept. 22. "The cyber-actor selects the target and intended effect — to disrupt, disable, deny, deceive, and/or destroy — based on these objectives."
Awareness of this growing threat is key. "Owners and operators of these systems need to fully understand the threats coming from state-sponsored actors and cybercriminals to best defend against them,” Michael Dransfield, NSA control systems defense expert, said about the new cybersecurity advisory. “We’re exposing the malicious actors’ playbook so that we can harden our systems and prevent their next attempt.”
About the Author
You May Also Like
DevSecOps/AWS
Oct 17, 2024Social Engineering: New Tricks, New Threats, New Defenses
Oct 23, 202410 Emerging Vulnerabilities Every Enterprise Should Know
Oct 30, 2024Simplify Data Security with Automation
Oct 31, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024