ATT&CK for ICS: Knowledge base of techniques used by cyber adversaries

2020-01-08 08:31

MITRE released an ATT&CK knowledge base of the tactics and techniques that cyber adversaries use when attacking ICS that operate some of the nation's most critical infrastructures including energy transmission and distribution plants, oil refineries, wastewater treatment facilities, transportation systems, and more.

Some aspects of the existing ATT&CK knowledge base for enterprise IT systems are applicable to ICS, and in many cases may represent an entry point into those ICS systems for adversaries.

The focus of ATT&CK for ICS. ATT&CK for ICS adds the behavior adversaries use within ICS environments.

Austin Scott, principal ICS security analyst at Dragos, said, "ATT&CK for ICS shines a light into the unique threat behaviors leveraged by adversaries targeting Industrial Control System environments. We understand the critical importance ICS threat behaviors play in an effective cybersecurity strategy and we're proud to contribute to this program and community resource. It is a huge win for the front-line ICS network defenders who now have a common lexicon for categorizing ICS specific techniques to support reporting and further analysis."

Christopher Glyer, chief security architect at FireEye, said, "The ATT&CK framework has been instrumental for cyber defense teams in codifying a lexicon describing how cyber attacks are conducted as well as centralizing examples of research and threat intelligence reports regarding real-world use of attacker techniques. The ICS ATT&CK framework creates a forum for establishing how ICS intrusions are unique/different from enterprise IT intrusions and will enable ICS operations and security teams to better protect these mission critical systems."

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/P559sLHRavs/

#ICS