Low Sophistication Threat Actors Continue to Target OT

On this episode we have Daniel Kapellmann Zafra, a manager on Mandiant’s Cyber Physical Threat Intelligence team, to discuss a recent blog he and has team have released on the trend of lower sophistication threat actors targeting operational technology (OT). We discuss a precursor blog they put out last year, specific to this trend and the usage of ransomware by financially motivated actors to OT, and we talk about what Daniel is seeing change in this space. Our conversation touches on the various motivations that appear to be shaping this activity, and what it means for the potential proliferation of this as a tactic for hacktivists, opportunistic threat actors, and more. One of the things that I think really comes across in this episode is the thoughtful analysis that Daniel and his team apply to ascertaining the drivers of this trend and where it may be going. It’s an insightful look into an area of threat activity we will likely continue to see headlines around this year.