SecurityWeek is pleased to offer the following optional workshop for attendees of our 2019 Singapore ICS Cyber Security Conference, taking place April 16-18, 2019.
When: Thursday, April 18, 2019 – 8AM-5PM ($400 Fee – Limited to 40 Students – Register Now)
Industrial Control Systems (including DCS, HMI, PLC, SCADA, SIS) and Industrial IoT are often poorly understood, yet they are used in the most critical environments in the world. Although they generally remain unseen they are responsible for the smooth running of our daily routines from the moment we turn on a tap in the morning, to turning off the lights at night.
This one-day training will take a deep-dive into advanced ICS security techniques and provide participants with the knowledge that they need to safely evaluate and protect these systems against emerging cyber threats.
The course will also provide methodologies through which security research may be performed against ICS devices in order to identify zero-day vulnerabilities; taking a deep dive into industrial protocols used within low-level ICS assets such as OPC, IEC 60870-5-104 and Modbus in addition to discussing DNP3, Ethernet/IP, Profinet, MMS, WirelessHART, ISA100.11a. During the course, participants will have the opportunity to engage in real-life attacks against key ICS/IIoT components and other Industrial Control Systems, by performing activities such as firmware reverse engineering of ICS assets, and ICS protocol fuzzing.
Course Outline
ICS Fundamentals & Attack Introduction (Morning)
1. Industrial Control Systems Overview
2. Securing Industrial Control Systems
3. Open Source Intelligence (OSINT)
4. Attacking ICS Devices
5. Hacking Windows Based Control Systems
Attacking ICS – real-life hacking (Afternoon)
6.Ransomware
7.Hacking SCADA Applications
8.OPC Configuration Vulnerabilities and Hardening
9.Fuzzing Industrial Protocols
10.Firmware Analysis & Reverse Engineering
New Training: Advanced ICS/IIoT Security 1-Day Training (Singapore)
SecurityWeek is pleased to offer the following optional workshop for attendees of our 2019 Singapore ICS Cyber Security Conference, taking place April 16-18, 2019. When: Thursday, April 18, 2019 - 8AM-5PM ($400 Fee - Limited to 40 Students - Register Now) Industrial Control Systems (including DCS, HMI, PLC, SCADA, SIS) and Industrial IoT are often poorly understood, yet they are used in the most critical environments in the world. Although they generally remain unseen they are responsible for the smooth running of our
Leadership, Security, and Support at the Clinton White House
Presented at SecurityWeek's 2018 ICS Cyber Security Conference How would you handle leadership in this the most stressful Chief Information Officer (CIO) job in the World – being the CIO at The White House? Colonel Gelhardt answers this question, and talks about the leadership and mentorship he used and how you can use the same skills in the civilian world. If he can do it so can you! Speaker: Colonel Mark Gelhardt - Former CIO for President Clinton
Side-Channel Attacks Put Critical Infrastructure at Risk
ICS Devices Vulnerable to Side-Channel Attacks: Researcher Shows (Eduard Kovacs - SecurityWeek) Side-channel attacks can pose a serious threat to industrial control systems (ICS), a researcher warned last month at SecurityWeek’s ICS Cyber Security Conference in Atlanta, GA. Demos Andreou, a lead engineer at power management company Eaton, has conducted an analysis of protection devices typically used in the energy sector, specifically in power distribution stations. Side-channel attacks can be used to extract data from a system based on information gained by observing
[Video] Hunting for Xenotime, Creators of TRITON-TRISIS ICS Malware
Presented at SecurityWeek's 2018 ICS Cyber Security Conference Speakers: Robert Lee - CEO, Dragos Marc Seitz - Threat Analyst, Dragos The activity group responsible for the TRISIS/TRITON malware is identified as XENOTIME. After the attack on the safety instrumented system in 2017 the group remained active targeting other environments with different safety systems in other regions of the world. Hunting for the behaviors of this group allows defenders to not only search for existing threats but also identify new threats leveraging such
New ISA/IEC Standard Specifies Cybersecurity Capabilities for Control System Components
Research Triangle Park, NC (25 September 2018) – The ISA/IEC 62443 series of standards, developed by the ISA99 committee as American National Standards and adopted globally by the International Electrotechnical Commission (IEC), is designed to provide a flexible framework to address and mitigate current and future security vulnerabilities in industrial automation and control systems (IACS). A newly published standard in the series, ISA/IEC 62443-4-2-2018, Security for Industrial Automation and Control Systems: Technical Security Requirements for IACS Components, provides the cybersecurity technical
Legitimate Remote Admin Tools Pose Serious Risk to Industrial Systems
(SecurityWeek - Eduard Kovacs) - Remote administration tools (RATs) installed for legitimate purposes in operational technology (OT) networks can pose a serious security risk, allowing malicious actors to abuse them in attacks aimed at industrial organizations, Kaspersky Lab warns. A report published on Friday by the security firm reveals that, on average, in the first half of 2018, legitimate RATs were found on more than two-thirds of computers used for industrial control systems (ICS). The highest percentage of ICS computers with RATs
Serious Vulnerability Found in Honeywell’s Android-based Handhelds
(SecurityWeek - Eduard Kovacs) - Members of Google’s Android team discovered that some of Honeywell’s Android-based handheld computers are affected by a high severity privilege escalation vulnerability. The vendor has released software updates that should address the flaw. Honeywell’s handheld computers are advertised as devices that combine the advantages provided by consumer PDAs with high-end industrial mobile computers. These rugged devices run Android or Windows operating systems and they provide a wide range of useful functions and connectivity features, including Wi-Fi,
Red Team/Blue Team ICS Cyber Security Training
SecurityWeek is happy to be partnering with LEO Cyber Security to offer a half-day Red Team/Blue Team ICS Cyber Security Training workshop at SecurityWeek’s 2018 ICS Cyber Security Conference. The workshop will take place on Monday, October 22 and is available as an option for conference attendees. (Registration available here) What is Red Team/Blue Team Training? Security aware and knowledgeable users serve as the “front line” of your overall security posture. As such, training is one of the most essential components of your
Reconnaissance, Lateral Movement Rise in Manufacturing Firms
(SecurityWeek - Eduard Kovacs) - An unusually high volume of malicious internal reconnaissance and lateral movement have been observed in the manufacturing industry, which experts believe is a result of the rapid convergence between IT and OT networks. The data comes from the 2018 Spotlight Report on Manufacturing released on Wednesday by threat detection company Vectra. The report is based on observations from another report released on Wednesday by the company, the 2018 Black Hat Edition of the Attacker Behavior Industry Report, which shows
ICS Honeypot Highlights Danger to Critical Systems From Criminal Hackers
(SecurityWeek - Kevin Townsend) - Security firm Cybereason established a sophisticated honeypot masquerading as a power transmission substation for a major electricity provider. The purpose was to attract attackers and analyze how they operate against the energy sector of the critical infrastructure. Within two days of going live on June 17, the honeypot developed and operated by Cybereason was found, prepped by a black-market reseller, and sold on in the dark web underworld. xDedic RDP Patch was found in the environment.