Introduction to ICS/SCADA security

10
ICS / SCADA Cyber security Adithya Naresh SAP Labs

Transcript of Introduction to ICS/SCADA security

Page 1: Introduction to ICS/SCADA security

ICS / SCADA Cyber security

Adithya NareshSAP Labs

Page 2: Introduction to ICS/SCADA security

root@kali :-# whoami

• Security Enthusiast

• Been in ICS for 2 years in my previous employment

• Like to play around with windows executable

Page 3: Introduction to ICS/SCADA security

root@kali :-# ls -al ICS

Page 4: Introduction to ICS/SCADA security

root@kali :-# cat ICS

Page 5: Introduction to ICS/SCADA security

root@kali :-# sed -n ‘/vendors/p’ ICS

Page 6: Introduction to ICS/SCADA security
Page 7: Introduction to ICS/SCADA security

Sensors and actuators allow interaction with the physical world (pressure sensor, valves,

motors….)

Local HMI Human-Machine Interface, permits the supervision and control of a sub

process

PLC Programmable Logic Controller : manages the sensors and actuators

Supervision screen remote supervision of the industrial process

Data historian Records all the data from the production and Scada networks

RTU Remote Terminal Unit (standalone PLC)

Page 8: Introduction to ICS/SCADA security
Page 9: Introduction to ICS/SCADA security

run exploit

root@kali :-# echo “Demo Time”

Page 10: Introduction to ICS/SCADA security

root@kali :-# exit ICS

• https://ics-cert-training.inl.gov/ - ICS CERT VLP

• http://www.controlglobal.com/ - Top 50

• https://ics-radar.shodan.io - Shodan

• https://www.defcon.org - Defcon


Independent Study Pinpoints Significant SCADA/ICS ... · 3 REPORT: INDEPENDENT STUDY PINPOINTS SIGNIFICANT SCADA/ICS CYBERSECURITY RISKS EXECUTIVE SUMMARY Many businesses and government

Independent Study Pinpoints Significant SCADA/ICS ... · 3 REPORT: INDEPENDENT STUDY PINPOINTS SIGNIFICANT SCADA/ICS CYBERSECURITY RISKS EXECUTIVE SUMMARY Many businesses and government

SCADA/ICS › FTP_files › SCADAandICSLabJuly2015.pdf · SCADA and DCS systems. The two acronyms SCADA/ICS stand for “Supervisory Control and Data Acquisition” (SCADA) and “Industrial

SCADA/ICS › FTP_files › SCADAandICSLabJuly2015.pdf · SCADA and DCS systems. The two acronyms SCADA/ICS stand for “Supervisory Control and Data Acquisition” (SCADA) and “Industrial

Guide to Industrial Control Systems (ICS) Security · Guide to Industrial Control . Systems (ICS) Security . Supervisory Control and Data Acquisition (SCADA) systems, Distributed

Guide to Industrial Control Systems (ICS) Security · Guide to Industrial Control . Systems (ICS) Security . Supervisory Control and Data Acquisition (SCADA) systems, Distributed

Communication network dependencies for ICS/SCADA Systems · ICS/SCADA systems security 50 Monitoring, maintenance and mitigation process 52 Contracting with network operators 52 Authentication

Communication network dependencies for ICS/SCADA Systems · ICS/SCADA systems security 50 Monitoring, maintenance and mitigation process 52 Contracting with network operators 52 Authentication

Analysis of ICS-SCADA Cyber Security Maturity Levels in ...

Analysis of ICS-SCADA Cyber Security Maturity Levels in ...

Certification Schemes at European level for Cyber Security Skills of ICS SCADA

Certification Schemes at European level for Cyber Security Skills of ICS SCADA

Analysing the European testing capabilities of ICS- SCADA ...

Analysing the European testing capabilities of ICS- SCADA ...

Internet connected ICS/SCADA/PLC

Internet connected ICS/SCADA/PLC

Emerging SCADA and Security Solutionssections.weat.org/sanantonio/files/2014_04_Graves_Murphy.pdfSCADA/ICS Cyber Security Forensic evidence indicates that the hackers may have been

Emerging SCADA and Security Solutionssections.weat.org/sanantonio/files/2014_04_Graves_Murphy.pdfSCADA/ICS Cyber Security Forensic evidence indicates that the hackers may have been

Industrial Control Systems (ICS) Security Resources...ICS Curriculum is ICS410: ICS/SCADA Security Essentials. This course provides students with the essentials for conducting security

Industrial Control Systems (ICS) Security Resources...ICS Curriculum is ICS410: ICS/SCADA Security Essentials. This course provides students with the essentials for conducting security

An Analysis on Time-Series Data from PLCs in ICS/SCADA …cwb.kr/articles/chanwoo_pub_2.pdfICS/SCADA systems Chanwoo Bae, Won-seok Hwang National Security Research Institute, Daejeon,

An Analysis on Time-Series Data from PLCs in ICS/SCADA …cwb.kr/articles/chanwoo_pub_2.pdfICS/SCADA systems Chanwoo Bae, Won-seok Hwang National Security Research Institute, Daejeon,

ICS, SCADA, and Non-Traditional Incident … ICS, SCADA, and Non-Traditional Incident Response Kyle Wilhoit Threat Researcher, Trend Micro

ICS, SCADA, and Non-Traditional Incident … ICS, SCADA, and Non-Traditional Incident Response Kyle Wilhoit Threat Researcher, Trend Micro

SCADA, SeCurity & AutomAtion SCADA Security: ... • Training Classes ... Powermetrics Introduces a UPS / Power Supply for SCADA-RTU Applications SCADA Security:

SCADA, SeCurity & AutomAtion SCADA Security: ... • Training Classes ... Powermetrics Introduces a UPS / Power Supply for SCADA-RTU Applications SCADA Security:

2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabilities & Threats

2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabilities & Threats

What's the Big Deal with Assessing ICS/SCADA?

What's the Big Deal with Assessing ICS/SCADA?

SOC and ICS/SCADA Security

SOC and ICS/SCADA Security

SCADA Cyber security - Chapters Site from 3rd...ICS\SCADA Cyber security ... • SCADA is a system for remote monitoring and control that operates over communication ... Siemens S

SCADA Cyber security - Chapters Site from 3rd...ICS\SCADA Cyber security ... • SCADA is a system for remote monitoring and control that operates over communication ... Siemens S

ICS Shield Product Description - Honeywell · ICS Shield is a top-down OT security management solution for securing connected ICS/SCADA environments. Empowering organizations to implement

ICS Shield Product Description - Honeywell · ICS Shield is a top-down OT security management solution for securing connected ICS/SCADA environments. Empowering organizations to implement

SCADA Cyber Security - Yokogawa Electric · SCADA Cyber Security | 4 Introduction The Industrial Control Systems (ICS), including SCADA, are known for their high availability. The

SCADA Cyber Security - Yokogawa Electric · SCADA Cyber Security | 4 Introduction The Industrial Control Systems (ICS), including SCADA, are known for their high availability. The

SCADA, SECURITY & AUTOMATION NEWSLETTER · 2018-10-02 · SCADA, SECURITY & AUTOMATION NEWSLETTER Securing Your SCADA System Inside this issue: • FREE SCADA Security Seminar •

SCADA, SECURITY & AUTOMATION NEWSLETTER · 2018-10-02 · SCADA, SECURITY & AUTOMATION NEWSLETTER Securing Your SCADA System Inside this issue: • FREE SCADA Security Seminar •