Data Analysis and Results of Threat Groups in OT Environment

We gathered data from these notable sources such as Threat Group Cards by ThaiCERT, Malpedia by Fraunhofer FKIE, MITRE ATTCK, and the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) and compiled publicly available information, including: News articles and threat reports, based on categories such as victim sector (targeted companies) Threat actor group (responsible for the attack) Number of publicly reported attacks until June 2023 Year of threat group discovery Infrastructure target component (ISA- 95 model level targeted by attackers) Source country of the threat Victim countries of the threat Motivation behind the attack Tools used for the attack Tool type employed in the attack From these sources, we compiled information on 120 threat groups targeting OT/ICS environments in industrial sectors such as manufacturing, energy, oil gas, industrial, petrochemical, and critical infrastructure.

本数据集从以下权威数据源采集并整合公开信息：泰国计算机应急响应小组（ThaiCERT）发布的威胁组卡片（Threat Group Cards）、弗劳恩霍夫FKIE（Fraunhofer FKIE）开发的Malpedia、MITRE 对抗战术技术与常识知识库（MITRE ATT&CK），以及工业控制系统网络应急响应小组（ICS-CERT）。整合的公开信息涵盖以下类别： - 基于受害行业（目标企业）分类的新闻报道与威胁报告 - 实施攻击的威胁行为者群组 - 截至2023年6月的公开报道攻击事件总数 - 威胁群组被发现的年份 - 攻击目标的基础设施组件（攻击者所针对的ISA-95模型层级） - 威胁的起源国家 - 威胁波及的受害国家 - 攻击的发起动机 - 攻击所使用的工具 - 攻击所采用的工具类型 本数据集整合了上述数据源中的120个威胁群组的相关信息，这些群组针对制造业、能源、油气、工业、石化及关键基础设施等工业领域内的运营技术（OT）/工业控制系统（ICS）环境发起攻击。