Feds Sound Alarm on Rising OT/ICS Threats From APT Groups

NSA and CISA release guidance on protecting against cybersecurity threats to operational technology and industrial control systems.

Dark Reading Staff, Dark Reading

September 22, 2022


The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) are warning that there are active, known threats to industrial control systems (ICS) and operational technology (OT) that critical infrastructure sectors should be aware of.

In particular, the report, "Control Systems Defense: Know the Opponent," warns about the rise in attacks against utilities and industrial targets from advanced persistent threat (APT) groups. It also gathers insights into the tactics, techniques, and procedures (TTPs) of common threats to ICS and OT systems to help security teams shore up their defenses. For instance, APTs have recently begun developing tools specifically for scanning, compromising, and controlling targeted OT devices, according to the feds.

"State-sponsored APT actors target critical infrastructure for political and/or military objectives, such as destabilizing political or economic landscapes or causing psychological or social impacts on a population," according to the alert, issued Sept. 22. "The cyber-actor selects the target and intended effect — to disrupt, disable, deny, deceive, and/or destroy — based on these objectives."

Awareness of this growing threat is key. "Owners and operators of these systems need to fully understand the threats coming from state-sponsored actors and cybercriminals to best defend against them," Michael Dransfield, NSA control systems defense expert, said about the new cybersecurity advisory. "We're exposing the malicious actors' playbook so that we can harden our systems and prevent their next attempt."
