Miscellaneous
In the latest episode of Eye on Security, our host Luke McNamara talksall about the world of operational technology (OT) and cyber physicalsystems with one of our foremost experts on the topic: NathanBrubaker, Senior Manager of Analysis for Mandiant Threat Intelligence.Nathan kicked off the chat by explaining what exactly we mean when weuse the term ‘cyber physical.’ They then turned their attention torelated threats. As it turns out, there are far less attempts byattackers to target these systems than one might believe. Nathan wenton to discuss some of the fundamental differences between OT andinformation technology (IT) systems, and then explained how OT isbecoming more similar to IT, which makes those systems more vulnerableto compromise. Fortunately, even though OT security typically lagsbehind that of IT systems, it’s definitely moving forward in the rightdirection.Listen to the podcast today, and check out the following blog postsreferenced by Nathan during the episode:• Financially Motivated Actors Are Expanding Access Into OT: Analysisof Kill Lists That Include OT Processes Used With Seven MalwareFamilies: https://feye.io/2Wn6jlr• Monitoring ICS Cyber Operation Tools and Software Exploit Modules ToAnticipate Future Threats: https://feye.io/2B5WrVI• Ransomware Against the Machine: How Adversaries are Learning toDisrupt Industrial Production by Targeting IT and OT:https://feye.io/3j4l1Y5• The FireEye Approach to Operational Technology Security:https://feye.io/2DImy5T• TRITON Actor TTP Profile, Custom Attack Tools, Detections, andATT&CK Mapping: https://feye.io/2Wk58CX