Mitre has introduced an ATT&CK framework designed to help cybersecurity teams understand the behavior and techniques threat actors use to launch attacks on industrial control systems of energy transmission plants and other critical infrastructure.
Mitre said Tuesday that the ATT&CK for ICS knowledge base highlights the distinctive aspects of the protocols and applications that ICS operators use to connect with physical equipment. According to Mitre, it could also help cyber defenders develop incident response strategies and a standard language for reporting incidents.
“Asset owners and defenders want deep knowledge of the tradecraft and technology that adversaries use in affecting industrial control systems to help inform their defenses,” said Otis Alexander, a lead cybersecurity engineer at Mitre. “With MITRE ATT&CK for ICS, we can help mitigate the catastrophic failures that affect property or human life.”
“The ICS ATT&CK framework creates a forum for establishing how ICS intrusions are unique/different from enterprise IT intrusions and will enable ICS operations and security teams to better protect these mission critical systems,” said Christopher Glyer, chief security architect at FireEye.