Complete reference guide to all 12 MITRE ATT&CK ICS tactics with technique mappings, detection strategies, and threat actor associations.
Click any tactic to explore its techniques, detection strategies, and associated threat actors.
The adversary is trying to get into your ICS environment.
The adversary is trying to run code or manipulate system functions, parameters, and data in an unauthorized way.
The adversary is trying to maintain their foothold in your ICS environment.
The adversary is trying to gain higher-level permissions.
The adversary is trying to avoid security defenses.
The adversary is locating information to assess and identify their targets in your environment.
The adversary is trying to move through your ICS environment.
The adversary is trying to gather data of interest and domain knowledge on your ICS environment.
The adversary is trying to communicate with and control compromised systems, controllers, and platforms.
The adversary is trying to prevent your safety, protection, quality assurance, and operator intervention functions from responding.
The adversary is trying to manipulate, disable, or damage physical control processes.
The adversary is trying to manipulate, interrupt, or destroy your ICS systems, data, and their surrounding environment.
Mjolnir Security provides comprehensive MITRE ATT&CK assessments to evaluate your defensive coverage across all ICS tactics.