CISA Alert AA22-265A – Control system defense: know the opponent. [CISA Cybersecurity Alerts]

CyberWire Daily

N2K Networks, Inc.

Technology, Daily News, News, Tech News

4.8 • 1.1K Ratings

🗓️ 22 September 2022

⏱️ 3 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

This alert builds on previous NSA and CISA guidance to stop malicious ICS activity and reduce OT exposure. The alert documentation linked in the show notes describes TTPs that malicious actors use to compromise OT/ICS assets. It also recommends mitigations that owners and operators can use to defend their systems from each of the listed TTPs. NSA and CISA encourage OT and ICS owners and operators to apply the recommendations in this documentation. AA22-265A Alert, Technical Details, and Mitigations NSA and CISA guidance to stop malicious ICS activity and reduce OT exposure For NSA client requirements or general cybersecurity inquiries, contact Cybersecurity_Requests@nsa.gov. To report incidents and anomalous activity or to request incident response resources or technical assistance related to these threats, contact CISA at report@cisa.gov. To report incidents and anomalous activity or to request incident response resources or technical assistance related to these threats, contact CISA at report@cisa.gov, or call (888) 282-0870, or report incidents to your local FBI field office. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the CyberWire Network, powered by N2K.
0:07.0	This is a SISA Cybersecurity Alert.
0:14.0	ID number Alpha Alpha 22 TAC 265 Alpha.
0:20.0	Original release date, September 22,
0:23.4	This alert builds on previous NSA and CISA guidance to stop malicious ICS activity and reduce
0:33.8	O.T. exposure. The alert documentation linked in the show notes describes
0:38.0	TTPs that malicious actors use to compromise O.T. and ICS assets. It also recommends mitigations that owners and
0:45.1	operators can use to defend their systems from each of the listed TTPs.
0:48.8	NSA and CISA encourage OT and ICS owners and operators to apply the recommendations in this
0:53.9	documentation. Traditional approaches to securing O.T. and ICS do not adequately
0:59.2	address current threats. Operators who understand cyber actors TTPs can use this knowledge to prioritize hardening and mitigation
1:06.0	actions.
1:08.4	Operational technology and industrial control systems assets that operate control and monitor
1:12.4	day-to-day critical infrastructure
1:13.9	and industrial processes continue to be an attractive target for malicious cyber actors.
1:18.3	These cyber actors target OT and ICS assets to achieve political gains, economic advantages, or destructive effects.
1:26.0	Because OT and ICS systems manage physical operational processes,
1:30.0	cyber actors' operations could result in physical consequences, including loss of life, property damage, and disruption of national critical functions.
1:39.0	Traditional ICS assets are difficult to secure due to their design for maximum
1:43.6	availability and safety coupled with their use of decades-old systems that often
1:47.3	lack any recent security updates. Newer ICS assets may be able to be
1:52.0	configured more securely but often have an increased
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.