Tech Library is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.



Dragos is the industrial cybersecurity expert on a relentless mission to safeguard civilization. In a world of rising cybersecurity threats, Dragos protects the most critical infrastructure (those that provide us with the tenets of modern civilization) from increasingly capable adversaries. Devoted to codifying and sharing our in-depth industry knowledge of ICS/OT systems, Dragos arms industrial defenders around the world with the knowledge and tools to protect their systems as effectively and efficiently as possible.

Our Website:

Infographic: Infographic: 10 Reasons Why Industrial Organizations Need Better Asset Visibility

by DragosMay 23, 2022

A key defense against increasing industrial cyber threats is to fully identify and inventory all your operational technology (OT) assets, including communication pathways. Every cybersecurity process becomes easier and more effective, when you have good asset visibility.

Download this infographic now to discover the 10 reasons why industrial organizations need better asset visibility.

Research Report: Report: ICS/OT Cybersecurity 2021 Year in Review

by DragosMay 18, 2022

Dragos is excited to present the fifth year of the annual Dragos Year In Review report on Industrial Control System (ICS)/ Operational Technology (OT) cyber threats, vulnerabilities, assessments, and incident response observations.

The ICS/ OT community has long suffered from more anecdotes on security than insights driven from data and real-world cases given the sensitivity of the subject. A lack of insights into the ICS/OT threat landscape and state of security prevent the community from having meaningful discussions on how to address today's challenges.

Download this Year in Review to discover the reality into the discussion as an attempt to move the conversation and security efforts forward.

Whitepaper: Executive Summary: ICS/OT Cybersecurity 2021 Year in Review

by DragosMay 18, 2022

In 2021, the industrial community attracted high-profile attention. Major cybersecurity incidents struck industrial organizations in a range of sectors, with international headlines detailing everything from a compromise of a water treatment facility with intent to poison its community to a ransomware attack against a pipeline operator that disrupted gas supplies to the southeast United States.

These reports underscored the potential devastating outcomes a security breach of critical infrastructure could have on communities and a country's economy. They also elevated the discussion the ICS/OT* community has been having for years on cyber readiness and brought them to the proverbial kitchen table—and the policymakers' and regulators' office desks, too.

Download this whitepaper now to read the ICS/OT cybersecurity executive summary.

Research Report: Report: An Executive's Guide to Industrial Cybersecurity

by DragosMay 18, 2022

As enterprises invest heavily in digital transformation, industrial cybersecurity will increasingly serve as a critical enabler for safely and securely advancing business goals through technological innovation.

Advancing connectivity and digitalization of operational technology (OT) provides significant benefits to the business, including:

  • Increased automation
  • Improved process efficiency
  • Better asset utilization
  • Enhanced telemetry of machinery for business forecasting
  • Equipment maintainability
Download this guide to discover more about the importance of industrial cybersecurity.

Whitepaper: Whitepaper: PIPEDREAM: Chernovite’s Emerging Malware Targeting Industrial Control Systems

by DragosMay 18, 2022

Threats to industrial infrastructure security are an extremely sensitive matter. Given the unique realities of industrial operations it is often harder for defenders to react than for adversaries to leverage public information. The more time the community has to implement mitigations before new malicious capabilities become public, the better the effects of any attempted attacks can be reduced.

PIPEDREAM is the seventh known Industrial Control Systems (ICS)-specific malware and fifth specifically developed to disrupt industrial processes. PIPEDREAM demonstrates significant adversary research and development focused on disruption, degradation, and potentially destruction of industrial environment and physical processes. It can disrupt, degrade, and potentially destroy industrial environments and processes.

Download this whitepaper for actions you can take to mitigate impacts in your environment.

Whitepaper: Whitepaper: How Dragos Activity Groups Obtain Initial Access into Industrial Environments

by DragosMay 18, 2022

As the threat landscape continues to evolve with a perpetual influx of new network anomalies and Indicators of Compromise (IOC), prudent defenders must focus on more actionable elements of attack characteristics, such as Tactics, Techniques and Procedures (TTPs). One such example of this is the Initial Access Tactic.

Initial access is one of the most important adversarial tactics and may form the critical dependency on which further tactics rely, or conversely it may be the end goal in itself. Irrespective of the adversary's intent, preventing successful initial access is paramount in preventing successful intrusions against your organization.

This whitepaper steps through the most common initial access techniques Dragos observes being utilized by activity groups in order to equip defenders with some of the vital elements of threat behavior knowledge and thus address the associated risks.