NSA Releases a Repository of Signatures and Analytics to Secure Operational Technology

Cyber actors have demonstrated their continued willingness to conduct malicious cyber activity against critical infrastructure by exploiting Internet-accessible and vulnerable Operational Technology (OT) assets. To counter this threat, NSA has released a repository for OT Intrusion Detection Signatures and Analytics to the NSA Cyber GitHub. The capability, known as ELITEWOLF, can enable defenders of critical infrastructure, defense industrial base, and national security systems to identify and detect potentially malicious cyber activity in their OT environments.

Civilian infrastructure has become an attractive target for foreign powers attempting to do harm to U.S. interests. Because of the increase in adversary capabilities, the vulnerability of OT systems, and the potential scope of impact, NSA recommends that OT critical infrastructure owners and operators implement ELITEWOLF as part of a continuous and vigilant system monitoring program.

For more detailed information, visit the ELITEWOLF page on NSA’s GitHub.

ELITEWOLF is being released as a follow up to the Protect Operational Technologies and Control Systems against Cyber Attacks Cybersecurity Advisory.

Read more at NSA

Homeland Security Today

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

See Full Bio