Login

***harlan4096*** · 21 September 18, 07:20

Quote: While conducting audits, penetration tests and incident investigations, we have often come across legitimate remote administration tools (RAT) for PCs installed on operational technology (OT) networks of industrial enterprises. In a number of incidents that we have investigated, threat actors had used RATs to attack industrial organizations. In some cases, the attackers had stealthily installed RATs on victim organizations’ computers, while in other cases, they had been able to use the RATs that were installed in the organization at the time of the attacks. These observations prompted us to analyze the scope of the threat, including the incidence of RATs on industrial networks and the reasons for using them.

Contents:
Methodology

The use of RATs in ICS

Scenarios of RAT installation on ICS computers

RAT-related threats to ICS

Attacks of threat actors involving RATs

Attacks on industrial enterprises using RMS and TeamViewer

Multiple attacks on an auto manufacturer

Conclusion

Full reading: https://securelist.com/threats-posed-by-...ics/88011/

Login
Username/Email:
Password:	Lost Password?
	Remember me