← All threats
HIGH
OT / Industrial Control System Attack
Attack targeting operational technology — pumps, controllers, processing equipment. Implies OT exposure to the internet, default credentials on engineering workstations, or flat-network bridging from IT. Calls for IT/OT segmentation, vendor patch tracking, monitoring on Modbus/OPC traffic.
Attack targeting operational technology — pumps, controllers, processing equipment. Implies OT exposure to the internet, default credentials on engineering workstations, or flat-network bridging from IT. Calls for IT/OT segmentation, vendor patch tracking, monitoring on Modbus/OPC traffic.
MITRE ATT&CK
Tactics, Techniques & Procedures
TA0001 Initial Access
tactic
TA0004 Privilege Escalation
tactic
Defensive mapping
Mapped controls
The audit will verify each of these controls is in place and effective.
| Control | Confidence | Why it matters |
|---|---|---|
| Patch management suggested | 75% | Recommended control for vulnerability |
| Vulnerability scanning suggested | 75% | Recommended control for vulnerability |
| CVE-driven prioritisation suggested | 75% | Recommended control for vulnerability |
| Web application firewall suggested | 75% | Recommended control for vulnerability |
| Network segmentation between user and server tiers suggested | 75% | Recommended control for vulnerability |