According to the 2019 SANS State of ICS Cybersecurity Survey, direct physical access is the #1 threat vector, followed close behind by remote access (together, representing 97% of threats). Regardless, there’s little focus on an emerging class of sophisticated penetration testing tools that provide direct physical access and covert remote access, fully capable of bypassing existing network security controls and jumping over air gaps. This session will examine the capabilities of these new attack platforms, and the security implications they introduce to ICS/OT environments, and will offer recommended mitigation practices.