H-ISAC TLP White Threat Bulletin: OT/ICS Defense: Know the Opponent – September 22, 2022

On September 22, 2022, the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) published a Joint Cybersecurity Advisory (CSA) (AA22-265A) as operational technology/industrial control system (OT/ICS) assets that operate, control, and monitor day-to-day critical infrastructure and industrial processes continue to be an attractive target for malicious cyber actors. 

OT/ICS devices and designs are publicly available, often incorporate vulnerable information technology (IT) components, and include external connections and remote access that increase their attack surfaces. In addition, a multitude of tools are readily available to exploit IT and OT systems. As a result of these factors, malicious cyber actors present an increasing risk to ICS networks. 

Health-ISAC is sharing this Joint Cybersecurity Advisory which builds on previous NSA and CISA guidance to increase awareness for OT/ICS network defenders seeking to better understand the tactics, techniques, and procedures (TTPs) observed to be consistent with OT/ICS threat actors. 

View the detailed report below.