OT and ICS defense
NSA-CISA Advisory Reveals Hacker ‘Playbook’ Against Operational Technology, Industrial Control Systems
The National Security Agency and the Cybersecurity and Infrastructure Security Agency have issued a joint advisory containing recommendations on how users can defend against cyber threats to operational technology and industrial control system assets.
The advisory, titled “Control System Defense: Know the Opponent,” also discusses the strategies malicious actors employ when attacking IT and ICS devices. According to Michael Dransfield, a control systems defense expert at the NSA, by “exposing the malicious actors’ playbook” end-users can take the actions necessary to prevent future attacks.
The mitigations the advisory proposes should be put into effect to prevent attackers like state-sponsored actors and cyber criminals from achieving their objectives, the NSA said.
The joint advisory is the latest in a series of efforts by the NSA and CISA to safeguard U.S. systems against cybersecurity threats.
Earlier this month, the NSA issued a document titled “Commercial National Security Algorithm Suite 2.0” which includes a directive requiring National Security System owners to immediately begin transitioning towards new software cryptography that is resistant to quantum computing threats.
Meanwhile, CISA has been tasked by the White House to create a form to be used by providers of technology to the government to show that their products comply with cybersecurity standards set forth by the National Institute of Standards and Technology. The self-attestation form is meant to help contractors when it comes to proving the security of their offerings.
More recently, the NSA and CISA issued a document outlining their security assessment of the Open Radio Access Network.
Tags: CISA cybersecurity industrial control system joint advisory National Security Agency operational technology