“ATT&CK™ for ICS is a knowledge base useful for describing the actions an adversary may take while operating within an ICS network. The knowledge base can be used to better characterize and describe post-compromise adversary behavior.” reads the official page set up by MITRE.
“The MITRE ATT&CK for ICS Matrix™ is an overview of the tactics and techniques described in the ATT&CK for ICS knowledge base. It visually aligns individual techniques under the tactics in which they can be applied. Some techniques span more than one tactic because they can be used for different purposes.”
The MITRE ATT&CK for ICS was built with the intent to help critical infrastructure and other organizations that use ICS
Over 100 individuals representing 39 organizations have contributed to the ATT&CK for ICS
The knowledge base for ICS attacks includes an Assets category that could be used by organizations to better classify the type of threats that could impact the resources in their environment.
The knowledge base currently includes 10 threat actors, 81 attack techniques, 17 families of malware, and 7 types of assets.
The knowledge base is essential for the development of effective threat intelligence and incident response activities.
“Asset owners and defenders want deep knowledge of the
“[ATT&CK for ICS] is a huge win for the
(SecurityAffairs – MITRE’s ATT&CK framework, ICS)