Comment from Tenable’s Marty Edwards on APT Cyber Tools Targeting ICS/SCADA Devices

CISA issued an alert indicating that APTs are gaining full access to industrial control systems, marking only the seventh ever identified malware targeted specifically at ICS. This is the first time that an industrial cyber capability has been found prior to its deployment. The malware allows the bad actors to scan, compromise and control affected devices once they’ve gained access.

In response to the alert issued by CISA, below is a comment by Marty Edwards, VP for OT Security, Tenable.

“The joint advisory issued by the US Government about advanced tools being used to target Industrial Control Systems and Operational Technology environments is concerning. If attackers are successful, the consequences of such intrusions are vast and can be potentially devastating. When your adversary is using advanced tools to potentially disrupt your system then organizations must have the people, processes and technology in place beforehand to harden their environments and detect any malicious activity.

“The actors are apparently capable of directly interacting and manipulating the OT devices referenced in the advisory, so it is imperative that asset owners and operators are continuously monitoring for any malicious communications to these devices as well as monitoring for any changes to the configuration or logic inside the devices in real-time.

“The advisory states that actors could elevate privileges, move laterally within an OT environment, and disrupt critical devices or functions. Asset owners and operators should have systems in place to monitor for credential abuse and or discover accounts that are not adhering to the principle of least privilege.” Marty Edwards, VP for OT Security, Tenable

 

Related posts

Sify Technologies Partners with Cisco ThousandEyes to Help Enterprises Accelerate their Digital Transformation Journey

Whatfix and Deloitte India Forge Strategic Alliance to Accelerate Adoption of Digital Solutions for Indian Enterprises

New Research Highlights AI and Low-Code Synergy Accelerating Application Development in Asia-Pacific

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More