ICS CYBERSECURITY ACADEMY

Industrial Control Systems cybersecurity training & resources

Hack the connected plant!

Tired of legacy ICS systems? Attend this training to hack the next generation of Industrial Control Systems! No more Modbus, no more standard PLC, no more Purdue model!


This training is designed to show what the future might look like for Industrial Control Systems, and how it will impact cybersecurity.


We’ll bring a realistic ICS setup that features all the fancy current and future trends: SD-WAN and Zero Trust, OPC-UA, MQTT, Edge device and soft-PLCs to control a small-scale industrial process simulation.

The first day will be dedicated to introducing the new cybersecurity challenges faced by modern Industrial Control Systems, and doing hands-on exercises on AWS pentesting, soft-PLC exploitation

On the second day we’ll reflect on the updated threat models and then we’ll spend the full day working on a realistic Capture-the-Flag exercise, where we’ll have to go from 0 to impacting a small industrial setup. The CTF will be guided, with answers given on a regular basis, so that all attendees can capture all the flags. We’ll end this exciting day with the takeaways of the exercise, and what could be done to prevent & detect the attacks we performed.

The outline of the training is the following:

DAY 1

  • Introduction to Industrial Control Systems
    • A little bit of history
    • Components
    • Main weaknesses
  • Architecture models for modern ICS
    • New network solutions: SD-WAN, Zero-Trust Network Access…
    • Interfacing legacy and modern ICS
    • Cloud computing
  • Legacy & modern ICS protocols (Modbus/tcp, MQTT, OPC-UA)
    • Presentation of common ICS protocols and their characteristics
    • Exercises analyzing network captures
    • Using clients to assess the features and security of modern protocols
  • Soft and hybrid PLCs, Edge devices
    • Analyzing the differences between standard and hybrid / soft PLCs
    • New attacks
    • New defense capabilities
  • Cloud security & AWS pentesting
    • Cloud security model
    • AWS-specifics
    • Hands-on exercises to get initial access and perform privilege escalation on AWS

DAY 2

  • Updated threat models for modern ICS
    • Putting everything we learned on day 1 together to create an updated threat model, that will serve as a blueprint for the capture the flag
  • Capture the Flag!
    • Almost day-long exercise to go from 0 to impacting a small industrial setup
    • Exercice will be guided, answers shared on a regular basis so that everyone can get all the flags
    • We’ll use a CTFd server to make things a little more exciting!
  • Training takeaways

Leave a Reply