Industrial control systems (ICS) are often a sitting target for cybercriminals. The majority of these systems monitor complex industrial processes and critical infrastructures that deliver power, water, transport, manufacturing and other essential services.
There are many vulnerabilities in ICS systems that could expose an installation to attacks. Downtime or infiltration of an ICS network could result in massive outages, hundreds of thousands of impacted users and even national disaster. Penetration testing on ICS systems is a very specific field that requires in-depth knowledge and hardware availability.
This training is going to help you to understand ICS systems, analyze their weaknesses, attack them and design strategies to protect them. It is aimed at security professionals who want to understand ICS systems, improve their skills or specialize in ICS security, and will take them from the fundamentals of ICS security to advanced hacking techniques.
We will focus on methodologies for hacking commercial hardware devices such as PLCs as well as simulators, and we will also provide an excellent opportunity for participants to have hands-on experience in penetration testing of these devices and systems. The ICS setup will simulate the ICS infrastructure with real-time PLCs and SCADA applications. We will cover the most common ICS protocols (Modbus, S7, DNP3, OPC, Profinet), analyze packet captures and learn how to use these protocols to talk to PLCs. You will learn how to program a PLC, to better understand how to exploit them.
Throughout the course, we will use a virtual machine created by us specifically for ICS penetration tests, it has all the necessary tools for ICS hacking. The course is structured for beginner to intermediate level assistants and there is no need of previous experience in ICS, reversing or hardware
This course is a perfect fit for professionals who want to understand ICS systems, improve their skills
or specialize in ICS security, and will take them from the fundamentals of ICS security to advanced
hacking techniques. It’s an excellent opportunity for participants to acquire hands-on experience in
penetration testing ICS devices and systems
Bypassing the Air Gap
Common ICS Vulnerabilities
Discussion of real attacks
Pentesting ICS systems
Hands-on Pentesting ICS practice
Securing ICS Systems
ICS System Case Study