Technique entry
OT-IT-OT-PIVOT · Lateral Movement
IT → OT Network Pivot
Misconfigured firewall / shared AD / jump host lets a corporate-IT foothold reach the OT segment — typical lateral path in TRITON / INDUSTROYER cases.
§ Where this technique fits
OT-IT-OT-PIVOT is catalogued under the Lateral Movement tactic of the offensive-security kill-chain. It appears in 2 approved dossiers in the registry, at step 1.5 on average.
§ Dossiers chaining this technique
- step 1 / 5
TRITON-class SIS reprogram → disable safety shutdown
After OT-network foothold, reach a Triconex Safety Instrumented System. Download attacker logic that suppresses safety trips on a process that's about to be pushed past its safe envelope.
- step 2 / 6
Engineering workstation → push payload to PLC
Compromise the OT engineer's laptop (corporate-network adjacent, jumphost-reachable). Use legit engineering tools (TIA Portal / Studio 5000) to download attacker ladder logic to the PLC.
§ What commonly comes next
- 01 Engineering Workstation Pivot · seen 2× · OT-ENG-WORKSTATION · Lateral Movement