ICS Tactics H Tactics Techniques Technique Matrix Software Groups
Name | Description |
Collection | The adversary is trying to gather data of interest and domain knowledge on your ICS environment to inform their goal. |
Command and Control | The adversary is trying to communicate with and control compromised systems, controllers, and platforms with access to your ICS environment. |
Discovery | The adversary is trying to figure out your ICS environment. |
Evasion | The adversary is trying to avoid being detected. |
Execution | The adversary is trying to run malicious code. |
Impact | The adversary is trying to manipulate, interrupt, or destroy your ICS systems, data, and their surrounding environment. |
Impair Process Control | The adversary is trying to manipulate, disable, or damage physical control processes. |
Inhibit Response Function | The adversary is trying to prevent your safety, protection, quality assurance, and operator intervention functions from responding to a failure, hazard, or unsafe state. |
Initial Access | The adversary is trying to get into your ICS environment. |
Lateral Movement | The adversary is trying to move through your ICS environment. |
Persistence | The adversary is trying to maintain their foothold in your ICS environment. |