In this latest episode of our Eye on Security podcast, I talk all about the world of operational technology (OT) and cyber physical systems with one of our foremost experts on the topic: Nathan Brubaker, Senior Manager of Analysis for Mandiant Threat Intelligence.
Nathan kicked off our chat by explaining what exactly we mean when we use the term ‘cyber physical.’ We then turned our attention to related threats. As it turns out, there are far less attempts by attackers to target these systems than one might believe. Nathan went on to discuss some of the fundamental differences between OT and information technology (IT) systems, and then explained how OT is becoming more similar to IT, which makes OT systems more vulnerable to compromise. Fortunately, even though OT security typically lags behind that of IT systems, it’s definitely moving in the right direction.
Listen to the podcast today, and check out the following blog posts referenced by Nathan during the episode:
- Financially Motivated Actors Are Expanding Access Into OT: Analysis of Kill Lists That Include OT Processes Used With Seven Malware Families
- Monitoring ICS Cyber Operation Tools and Software Exploit Modules To Anticipate Future Threats
- Ransomware Against the Machine: How Adversaries are Learning to Disrupt Industrial Production by Targeting IT and OT
- The FireEye Approach to Operational Technology Security
- TRITON Actor TTP Profile, Custom Attack Tools, Detections, and ATT&CK Mapping