Tech Library is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Whitepaper: How Dragos Activity Groups Obtain Initial Access into Industrial Environments

by Dragos

May 18, 2022

As the threat landscape continues to evolve with a perpetual influx of new network anomalies and Indicators of Compromise (IOC), prudent defenders must focus on more actionable elements of attack characteristics, such as Tactics, Techniques and Procedures (TTPs). One such example of this is the Initial Access Tactic.

Initial access is one of the most important adversarial tactics and may form the critical dependency on which further tactics rely, or conversely it may be the end goal in itself. Irrespective of the adversary's intent, preventing successful initial access is paramount in preventing successful intrusions against your organization.

This whitepaper steps through the most common initial access techniques Dragos observes being utilized by activity groups in order to equip defenders with some of the vital elements of threat behavior knowledge and thus address the associated risks.