2-DAY TRAINING 8 – Attacking and Securing Industrial Control Systems (ICS)

THIS CLASS IS NOW BEING HELD ONLINE FOLLOWING EU TIMEZONE CEST/GMT+2

ATTEND ONLINE: REGISTRATION CLOSED

DATE: 24-25 August 2021

TIME: 09:00-17:00 CEST/GMT+2

Date Day Time Duration
24 August Tuesday 09:00-17:00 CEST/GMT+2 8 Hours
25 August Wednesday 09:00-17:00 CEST/GMT+2 8 Hours

 

This training includes a VM test environment, toolsets, and 1 month trainer support!

Overview

Industrial Control Systems (ICS) are often a sitting target for cybercriminals. The majority of these systems monitor complex industrial processes and critical infrastructures that deliver power, water, transport, manufacturing and other essential services.

There are many vulnerabilities in ICS systems that could expose an installation to attacks. Downtime or infiltration of an ICS network could result in massive outages, hundreds of thousands of impacted users and even national disaster. Penetration testing on ICS systems is a very specific field that requires in-depth knowledge and hardware availability.

This training is going to help you to understand ICS systems, analyse their weaknesses, attack them and design strategies to protect them. It is aimed at security professionals who want to understand ICS systems, improve their skills or specialize in ICS security, and will take them from the fundamentals of ICS security to advanced hacking techniques.

The focus will be on methodologies for hacking commercial hardware devices such as PLCs as well as simulators, and will also provide an excellent opportunity for participants to gain hands-on experience in penetration testing of these devices and systems. The ICS setup will simulate the ICS infrastructure with real-time PLCs and SCADA applications. The training will cover the most common ICS protocols (Modbus, S7, DNP3, OPC, Profinet), analysing packet captures and learning how to use these protocols to talk to PLCs. The training will also incorporate how to program a PLC, to improve understanding of how they can be exploited. There will be modules on how to bypass airgaps, how to defend airgapped systems, and also the techniques and tactics that adversaries use to compromise ICS systems.

 

Students will receive:

  • Slides/lectures of the training
  • VM with test environment, exercises and all the tools used in class
  • 1 month of support from the trainer to complete the exercises presented

 

Key Learning Objectives

  • To understand ICS systems
  • To improve their skills or specialize in ICS security
  • To take trainees from the fundamentals of ICS security to advanced hacking techniques
  • To acquire hands-on experience in penetration testing ICS devices and systems

 

Who Should Attend

  • Penetration Testers / Red Team Members who want to pentest ICS systems or bypass the airgap
  • Government officials from defensive or defensive units
  • SCADA and PLC programmers
  • IT and OT security professionals seeking to increase their knowledge of ICS hacking and security
  • Anyone interested in ICS security

 

Prerequisite Knowledge

The course is structured for beginner to intermediate level assistants and there is no requirement for previous experience in ICS, reversing or hardware.

  • Basic knowledge of Linux
  • Basic knowledge of networking and pentesting

 

Hardware / Software Requirements

  • Laptop with at least 40GB free space
  • 8 GB minimum RAM
  • Virtualization Software such as VMWare or Virtualbox
  • Admin/Root access on their laptop

TRAININGS
Location: TRAININGS Date: August 24, 2021 Time: 3:00 pm - 11:00 pm Sarka Pekarova Juan Escobar