In the latest episode of Eye on Security, our host Luke McNamara talks all about the world of operational technology (OT) and cyber physical systems with one of our foremost experts on the topic: Nathan Brubaker, Senior Manager of Analysis for Mandiant Threat Intelligence.
Nathan kicked off the chat by explaining what exactly we mean when we use the term ‘cyber physical.’ They then turned their attention to related threats. As it turns out, there are far less attempts by attackers to target these systems than one might believe. Nathan went on to discuss some of the fundamental differences between OT and information technology (IT) systems, and then explained how OT is becoming more similar to IT, which makes those systems more vulnerable to compromise. Fortunately, even though OT security typically lags behind that of IT systems, it’s definitely moving forward in the right direction.
Listen to the podcast today, and check out the following blog posts referenced by Nathan during the episode:
• Financially Motivated Actors Are Expanding Access Into OT: Analysis of Kill Lists That Include OT Processes Used With Seven Malware Families: https://feye.io/2Wn6jlr
• Monitoring ICS Cyber Operation Tools and Software Exploit Modules To Anticipate Future Threats: https://feye.io/2B5WrVI
• Ransomware Against the Machine: How Adversaries are Learning to Disrupt Industrial Production by Targeting IT and OT: https://feye.io/3j4l1Y5
• The FireEye Approach to Operational Technology Security: https://feye.io/2DImy5T
• TRITON Actor TTP Profile, Custom Attack Tools, Detections, and ATT&CK Mapping: https://feye.io/2Wk58CX