Securing Critical Infrastructure with XDR
In January, CISA, the FBI and the NSA released a joint Cybersecurity Advisory (CSA), titled Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure, that provided an overview of Russian state-sponsored cyber operations, including commonly observed tactics, techniques and procedures (TTPs), as well as detection actions, incident response guidance, and recommended mitigations.
“Russian state-sponsored APT actors have used sophisticated cyber capabilities to target a variety of U.S. and international critical infrastructure organizations, including those in the Defense Industrial Base as well as the Healthcare and Public Health, Energy, Telecommunications, and Government Facilities Sectors,” the advisory states.
“Russian state-sponsored cyber operations against critical infrastructure organizations have specifically targeted operational technology (OT)/industrial control systems (ICS) networks with destructive malware… CISA, the FBI, and NSA encourage the cybersecurity community—especially critical infrastructure network defenders—to adopt a heightened state of awareness and to conduct proactive threat hunting.”
While critical infrastructure defense has always been high priority objective, there’s still some disconnect in the world of critical infrastructure security around preparedness. According to a report covered by PRNewswire, a majority (84%) of critical infrastructure organizations indicated they had suffered at least one security breach involving their Operational Technology (OT) between 2018 and 2021; yet, 56% of respondents to the same study said they were “highly confident” that they wouldn’t experience an OT breach in 2022.
*** This is a Security Bloggers Network syndicated blog from Blog authored by Anthony M. Freed. Read the original post at: https://www.cybereason.com/blog/securing-critical-infrastructure-with-xdr
