How would MITRE’s popular cyberattack framework apply to industrial control systems?

Forums Security News (Security) How would MITRE’s popular cyberattack framework apply to industrial control systems?

Tagged: ,

  • This topic has 1 voice and 0 replies.
Viewing 0 reply threads
  • Author
    Posts
    • January 19, 2020 at 4:40 am #38872
      Telegram SmartBoT
      Moderator
      • Topic 5959
      • Replies 0
      • posts 5959
        @tgsmartbot

        #News(Security) [ via IoTGroup ]

        Headings…
        How would MITRE’s popular cyberattack framework apply to industrial control
        APT33 has used botnets to…
        As iOS vulnerabilities…

        Auto extracted Text……

        A document that cybersecurity professionals consult in analyzing hacking groups will soon expand to include attack techniques used against industrial control systems, a recognition of the growing number of adversaries that target critical infrastructure.
        The goal is to help organizations understand and defend against disruptive cyberattacks like the one that cut power for some 225,000 people in Ukraine in 2015.
        That means filling in gaps in the cybersecurity community’s knowledge base of the hacking methods that are unique to industrial environments as well as those that also apply to IT networks.
        The document, known as the “ATT&CK” framework, should account for the “full gamut of adversary behavior,” said Otis Alexander, one of the lead cybersecurity engineers who helps maintain it at MITRE Corp., a federally funded not-for-profit organization.
        The updated framework could be available to network defenders as soon as December.
        It will cover attacks against ICS protocols and ways in which hackers might hinder incident response, Alexander said at MITRE’s ATT&CKcon conference on Wednesday.
        Where the cybersecurity industry sometimes creates confusion — the same grouping of Russian state-backed hackers can have five different names, depending on the company publishing the research — the ATT&CK framework cuts through to focus on hackers’ methods.
        The original framework, which MITRE began developing in 2013, categorizes the way different hacking groups exfiltrate data, move within a compromised network, and retain access to that network.
        Bryson Bort, founder of cybersecurity companies SCYTHE and GRIMM, said the forthcoming framework would provide a common language for ICS asset owners looking to share threat information.
        Those hacking operations, carried out by Russian government-linked hackers, drew much greater attention to the way that malware can be tailored to disrupt industrial environments

        Read More..
        AutoTextExtraction by Working BoT using SmartNews 1.02976805238 Build 26 Aug 2019

    • Author
      Posts
    Viewing 0 reply threads
    • You must be logged in to reply to this topic.