A new open-source tool has been launched by MITRE and the US Cybersecurity and Infrastructure Security Agency (CISA) to emulate cyberattacks on operational technology (OT). This joint initiative aims to strengthen the security of critical infrastructure, including water and energy systems, which heavily rely on OT. The tool, known as “MITRE Calder for OT,” is now publicly available as an extension to the open-source Caldera platform on GitHub. Developed in partnership between the Homeland Security Systems Engineering and Development Institute (HSSEDI) and CISA, this tool marks a significant step in safeguarding critical infrastructure against cyber threats.
The MITRE Framework for OT (Operational Technology)
As an extension of the open-source Caldera platform, the MITRE Caldera for OT provides a comprehensive framework for emulating cyber-attacks on OT systems. This collaboration between HSSEDI and CISA offers an innovative solution for enhancing the security of critical infrastructure. By simulating potential cyber threats and emulating attack scenarios, defenders of operational technology can gain valuable insights and improve their defense mechanisms.
Importance of Actionable Tools and Resources
Eric Goldstein, the Executive Assistant Director for Cybersecurity at CISA, emphasizes the critical role of actionable tools and resources in supporting the critical infrastructure community. With the increasing frequency and sophistication of cyber threats targeting OT systems, it is vital to provide defenders with effective tools and resources to stay ahead of adversaries. The MITRE Calder for OT fills this gap by offering a practical and actionable solution to exercise and strengthen the defenses of critical systems.
Collaboration and Development
The MITRE Calder for OT extension builds upon the work of CISA and HSSEDI in automating adversary emulation simulations. The Control Environment Laboratory Resource (CELR) provided by CISA has been instrumental in this development. Leveraging the expertise of MITRE, renowned for creating the widely used ATT&CK framework for mapping threat actors’ techniques, tactics, and procedures (TTPs), the extension offers a comprehensive emulation capability. This collaboration reflects a collective effort to enhance the resilience of critical infrastructure against cyber threats.
Future Plans and Modules
MITRE, in collaboration with CISA and other organizations, is actively working on the next set of Caldera for OT open-source modules. These modules will further enhance the capabilities of the tool and enable defenders to simulate a broader range of attack scenarios. By continuously developing and expanding the resources available, MITRE and CISA strive to provide defenders with the necessary tools to bolster the security of operational technology and critical infrastructure.
Protecting Critical Infrastructure
Yosry Barsoum, Vice President and Director of the Center for Securing the Homeland at MITRE, highlights the significance of protecting the nation’s critical infrastructure. With the introduction of the MITRE Calder for OT, the partnership between MITRE and CISA aims to support defenders in exercising and improving the defense of operational technology systems. This collaborative effort ensures that critical infrastructure remains resilient against cyber threats and provides a robust defense against potential attacks.
Alignment with National Cybersecurity Strategy
The release of MITRE Calder for OT aligns with the US National Cybersecurity Strategy and President Biden’s Executive Order on Improving the Nation’s Cybersecurity. The government’s focus on hardening the security of critical infrastructure underscores the importance of investing in tools and resources that can strengthen defenses against cyber threats. The partnership between MITRE and CISA plays a pivotal role in achieving these strategic objectives and safeguarding the nation’s critical infrastructure.
The release of the MITRE Calder for OT represents a significant milestone in the ongoing battle to protect critical infrastructure from cyber threats. By providing defenders with an open-source tool and actionable resources, MITRE and CISA are empowering organizations to strengthen the security of their OT systems. This collaboration demonstrates a shared commitment to bolstering the defenses of operational technology and enhancing the resilience of critical infrastructure. Moving forward, continued collaboration and development in the field of cybersecurity will be essential to stay ahead of evolving cyber threats and safeguard the nation’s critical infrastructure.