Windows OS utilities like Powershell, PSExec, and other commonly available tools have made life easier for cyber threat actors. Symantec discusses this concept widely known as “living-off-the-land” that often provides attackers with greater benefits than creating their own malware. Malicious actors are taking advantage of these utilities to hide in plain sight as they know defenders often do not flag related activity for looking suspicious. Likewise, recent reports of ICS-focused cyber threat actor groups have demonstrated their preference for using built-in utilities or common tools to gain a foothold within an IT network and then use that access to jump into the OT network. Symantec provides countermeasures to help detect and defend against this growing trend. Symantec