MITRE Engenuity ATT&CK® Evaluations for ICS: Retrospective & Results
The MITRE Engenuity ATT&CK® Evaluations for Industrial Control Systems (ICS) is the first evaluation of the ICS threat detection market and simulates an attack against an operational technology (OT) environment. MITRE Engenuity used the MITRE ATT&CK knowledge base to emulate the tactics, techniques, and procedures (TTPs) associated with the TRISIS (aka Triton) malware. The malware has been used to compromise industrial systems around the world, including oil and gas and electrical plants in the Middle East, Europe, and North America.
This whitepaper details the simulation of a realistic multi-phase attack scenario used in the ATT&CK Evaluations, provides a day-by-day breakdown of the threat behaviors and techniques, and highlights how the Dragos Platform technology identified adversary behavior.
Read the whitepaper to learn more about:
- The emulation of XENOTIME, a real-world threat activity group tracked by Dragos
- Insights from the 5-day simulated attack
- How Dragos tracked the adversary through the MITRE ATT&CK for ICS framework
Discover more resources.
Explore more resources to support you on your ICS cybersecurity journey.
Read our next whitepaper
Ready to put your insights into action?
Take the next steps and contact our team today.