CISA – Control System Defense — Know the Opponent

CISA & NSA have published an excellent & in-depth research paper following theme of “Know thy enemy”.  It describes social engineering tactics & highlights key weaknesses in technical defenses.

CISA and NSA Publish Joint Cybersecurity Advisory on Control System Defense | CISA

Control System Defense: Know the Opponent | CISA

CISA and the National Security Agency (NSA) have published a joint cybersecurity advisory about control system defense for operational technology (OT) and industrial control systems (ICSs). Control System Defense: Know the Opponent is intended to provide critical infrastructure owners and operators with an understanding of the tactics, techniques, and procedures (TTPs) used by malicious cyber actors. This advisory builds on NSA and CISA 2021 guidance provided to stop malicious ICS activity against connect OT, and 2020 guidance to reduce OT exposure.  CISA and NSA encourage critical infrastructure owners and operations to review the advisory and apply the recommended mitigations and actions.