MITRE and CISA Release Open Source Tool to Enhance Security of Operational Technology

A new open-source tool has been launched by MITRE and the US Cybersecurity and Infrastructure Security Agency (CISA) to emulate cyberattacks on operational technology (OT). This joint initiative aims to strengthen the security of critical infrastructure, including water and energy systems, which heavily rely on OT. The tool, known as “MITRE Calder for OT,” is now publicly available as an extension to the open-source Caldera platform on GitHub. Developed in partnership between the Homeland Security Systems Engineering and Development Institute (HSSEDI) and CISA, this tool marks a significant step in safeguarding critical infrastructure against cyber threats.

The MITRE Framework for OT (Operational Technology)

As an extension of the open-source Caldera platform, the MITRE Caldera for OT provides a comprehensive framework for emulating cyber-attacks on OT systems. This collaboration between HSSEDI and CISA offers an innovative solution for enhancing the security of critical infrastructure. By simulating potential cyber threats and emulating attack scenarios, defenders of operational technology can gain valuable insights and improve their defense mechanisms.

Importance of Actionable Tools and Resources

Eric Goldstein, the Executive Assistant Director for Cybersecurity at CISA, emphasizes the critical role of actionable tools and resources in supporting the critical infrastructure community. With the increasing frequency and sophistication of cyber threats targeting OT systems, it is vital to provide defenders with effective tools and resources to stay ahead of adversaries. The MITRE Calder for OT fills this gap by offering a practical and actionable solution to exercise and strengthen the defenses of critical systems.

Collaboration and Development

The MITRE Calder for OT extension builds upon the work of CISA and HSSEDI in automating adversary emulation simulations. The Control Environment Laboratory Resource (CELR) provided by CISA has been instrumental in this development. Leveraging the expertise of MITRE, renowned for creating the widely used ATT&CK framework for mapping threat actors’ techniques, tactics, and procedures (TTPs), the extension offers a comprehensive emulation capability. This collaboration reflects a collective effort to enhance the resilience of critical infrastructure against cyber threats.

Future Plans and Modules

MITRE, in collaboration with CISA and other organizations, is actively working on the next set of Caldera for OT open-source modules. These modules will further enhance the capabilities of the tool and enable defenders to simulate a broader range of attack scenarios. By continuously developing and expanding the resources available, MITRE and CISA strive to provide defenders with the necessary tools to bolster the security of operational technology and critical infrastructure.

Protecting Critical Infrastructure

Yosry Barsoum, Vice President and Director of the Center for Securing the Homeland at MITRE, highlights the significance of protecting the nation’s critical infrastructure. With the introduction of the MITRE Calder for OT, the partnership between MITRE and CISA aims to support defenders in exercising and improving the defense of operational technology systems. This collaborative effort ensures that critical infrastructure remains resilient against cyber threats and provides a robust defense against potential attacks.

Alignment with National Cybersecurity Strategy

The release of MITRE Calder for OT aligns with the US National Cybersecurity Strategy and President Biden’s Executive Order on Improving the Nation’s Cybersecurity. The government’s focus on hardening the security of critical infrastructure underscores the importance of investing in tools and resources that can strengthen defenses against cyber threats. The partnership between MITRE and CISA plays a pivotal role in achieving these strategic objectives and safeguarding the nation’s critical infrastructure.

The release of the MITRE Calder for OT represents a significant milestone in the ongoing battle to protect critical infrastructure from cyber threats. By providing defenders with an open-source tool and actionable resources, MITRE and CISA are empowering organizations to strengthen the security of their OT systems. This collaboration demonstrates a shared commitment to bolstering the defenses of operational technology and enhancing the resilience of critical infrastructure. Moving forward, continued collaboration and development in the field of cybersecurity will be essential to stay ahead of evolving cyber threats and safeguard the nation’s critical infrastructure.

Explore more

How Is AI Transforming Digital Marketing Strategies?

Artificial Intelligence (AI) is rapidly becoming a cornerstone of digital marketing, fundamentally altering how brands connect with audiences in an increasingly crowded online space. As businesses grapple with the challenge of capturing consumer attention amidst endless streams of content, AI offers a lifeline by providing tools that personalize experiences, streamline operations, and deliver data-driven insights. This technological shift is not

Business Central Mobile Apps Transform Operations On-the-Go

In an era where business agility defines success, the ability to manage operations from any location has become a critical advantage for companies striving to stay ahead of the curve, and Microsoft Dynamics 365 Business Central mobile apps are at the forefront of this shift. These apps redefine how organizations handle essential tasks like finance, sales, and inventory management by

Transparency Key to Solving D365 Pricing Challenges

Understanding the Dynamics 365 Landscape Imagine a business world where operational efficiency hinges on a single, powerful tool, yet many enterprises struggle to harness its full potential due to unforeseen hurdles. Microsoft Dynamics 365 (D365), a leading enterprise resource planning (ERP) and customer relationship management (CRM) solution, stands as a cornerstone for medium to large organizations aiming to integrate and

Generative AI Transforms Finance with Automation and Strategy

This how-to guide aims to equip finance professionals, particularly chief financial officers (CFOs) and their teams, with actionable insights on leveraging generative AI to revolutionize their operations. By following the steps outlined, readers will learn how to automate routine tasks, enhance strategic decision-making, and position their organizations for competitive advantage in a rapidly evolving industry. The purpose of this guide

How Is Tech Revolutionizing Traditional Payroll Systems?

In an era where adaptability defines business success, the payroll landscape is experiencing a profound transformation driven by technological innovation, reshaping how companies manage compensation. For decades, businesses relied on rigid monthly or weekly pay cycles that often failed to align with the diverse needs of employees or the dynamic nature of modern enterprises. Today, however, a wave of cutting-edge