Making Sense of Operational Technology Attacks: The Past, Present, and Future

March 21, 2024 at 05:30AM

The text explores the landscape of operational technology (OT) cyber-attacks. It delineates five types of OT cyber-attacks, categorizing them into two distinct groups based on the assets targeted and how they are impacted. The discussion highlights the importance of distinguishing between these categories to better prepare for future cyber-attacks. The analysis also delves into the rise of cybercrime affecting OT and the potential for criminals to transition to more advanced OT-targeted attacks.

Based on the meeting notes, I have identified key points on the discussion around cyber-attacks affecting operational technology (OT):

1. There is a need to analyze historical attacks to understand the different types of OT cyber-attacks and how they compare.

2. The Purdue Enterprise Reference Architecture provides a framework for defining and understanding different levels of OT environments.

3. The meeting notes delve into the different types of OT cyber-attacks, grouping them into two distinct categories: IT TTPs and OT TTPs.

4. Analysis of 35 years of OT cyber-attacks shows a surge in attacks by cyber criminals, leading to a shift in victim sectors towards manufacturing-focused organizations.

5. The meeting notes further consider the possibility of criminals turning towards targeting OT with sophisticated cyber-attacks, and the potential factors that could drive this shift, such as motivated offenders, suitable targets, and the absence of a capable guardian.

6. Speculative research on a novel Cy-X technique known as Dead Man’s PLC is introduced. The technique targets OT devices, particularly PLCs, and the notes discuss the potential impact and implications of such an attack.

7. The meeting notes highlight the importance of preparing for the evolving landscape of OT cyber security and the necessity to distinguish between different categories and types of attacks to develop relevant controls.

These are the main takeaways from the meeting notes, providing a clear understanding of the discussion and insights into the evolving landscape of OT cyber-attacks.
