Assessing And Protecting Industrial Control Systems

Empowering You to Navigate the OT Landscape: Keystone Actions for Robust Industrial Control Systems Security

What you'll learn

Assessing a simulated cookie factory with real pentesting tools

Creating cyber threat scenarios using various frameworks and defining protection meausrements

Building a free open source virtual lab environment

NO exploiting or pwning, the focus is on understanding the challenges of an OT production environment

Requirements

Windows system with 8GB RAM and virtualization enabled

Basic knowledge or interest in industrial process automation

No licenses needed. All tools are open source!

Completion of the previous course is optional

Description

Gain practical, hands-on experience in securing OT environments through simulated exercises and real-world scenarios. Learn from an expert with extensive experience, providing valuable insights and guidance throughout the course. Elevate your defensive OT skills to the next level.Join now and step into the exciting world of OT security! In this comprehensive course, you will embark on a mission to assess and protect the infrastructure of Joy Cookie Factory as it prepares to transition its entire shop floor online. Unlike previous courses, we prioritize understanding the environment in which OT devices operate, recognizing threats, and implementing effective onboard protection techniques to fortify these devices against cyber threats.In this course, you'll dive into the essentials of OT security, focusing on practical skills and actionable strategies. Whether you're a newcomer to the field or a seasoned professional, this course will empower you to safeguard OT environments effectively.Gain a comprehensive understanding of the ecosystem in which OT devices operate, enabling you to identify potential vulnerabilities and threats. Learn how to create a thorough OT asset inventory and assess devices for common vulnerabilities, laying the groundwork for robust security measures. Acquire essential skills and techniques to fortify your OT environment against attacks, utilizing onboard resources and a firewall without relying on expensive detection and response tools.While participation in the predecessor course, Practical Industrial Control System Penetration Testing, is optional, it is highly recommended. Both courses together provide a holistic understanding of OT device vulnerabilities and their operating environments, setting you up for success in securing OT systems effectively.The core exercise of this course revolves around a simulated OT network of a cookie factory, offering hands-on experience in creating an OT asset inventory and assessing devices for vulnerabilities. Through practical exercises and real-world scenarios, you'll develop the skills needed to defend OT environments effectively.Enroll today and take the first step towards mastering the art of defending industrial control systems. Equip yourself with the knowledge and skills needed to safeguard critical infrastructure and protect against evolving cyber threats. Don't miss out on this opportunity to advance your career and make a tangible impact in the world of OT security. Join us now and embark on a journey towards a more secure future!

Overview

Section 1: Welcome to the Course!

Lecture 1 Introduction

Lecture 2 Contrasting IT and OT

Lecture 3 Pentest Classifications of ICS/OT Systems

Lecture 4 ICS/OT Devices are Easy Targets

Lecture 5 Reviewing the Industrial Attack Landscape

Lecture 6 OT OSINT Techniques you can try for yourself

Lecture 7 Summary

Section 2: Setting Up Your ICS/OT Lab

Lecture 8 Introduction to Setting Up Your ICS/OT Lab

Lecture 9 Understanding Virtualization and Virtual Machines

Lecture 10 Installation of VirtualBox

Lecture 11 Installing the Kali Linux VM and downloading additional nmap scripts

Lecture 12 Installing the Ubuntu Desktop VM

Lecture 13 Running the install script to get the course materials

Lecture 14 Setting up the HostOnly network

Lecture 15 Summary of Setting Up Your ICS/OT Lab

Section 3: Practical Refresher

Lecture 16 Introduction to Practical Refresher

Lecture 17 Setup the VM, Start the S7-300 Emulation and Excercise Tasks

Lecture 18 Recap Netdiscover, Nmap, Nmap NSE (Spoiler Free)

Lecture 19 Step by Step Excercise Solution: S7-300 Recon, Enum and Assessment

Lecture 20 Report Writing with ChatGPT

Lecture 21 Summary of Practical Refresher

Section 4: Preparing the Assessment

Lecture 22 Introduction to Preparing the Assessment

Lecture 23 Setting the Stage: Crumbs of Joy Cookie Factory and getting to know their OT

Lecture 24 The Penetration Testing Agreement

Lecture 25 Your Asset Inventory Template

Lecture 26 Migrating the Client's Data into our Asset Inventory

Lecture 27 Create a Network Topology from Scratch with draw.io

Lecture 28 Summary of Preparing the Assessment

Section 5: OT Network Assessment

Lecture 29 Introduction to OT Network Assessment

Lecture 30 Performing a Layer 2 Asset Discovery - Task

Lecture 31 Performing a Layer 2 Asset Discovery - Solution

Lecture 32 Marking OT Devices as Safe to Scan with a Layer 3 ICMP Scan - Task

Lecture 33 Marking OT Devices as Safe to Scan with a Layer 3 ICMP Scan - Solution

Lecture 34 Scanning the OT Network for Open Ports with Nmap - Task

Lecture 35 Scanning the OT Network for Open Ports with Nmap - Solution

Lecture 36 Summary of OT Network Assessment

Section 6: PLC Assessment

Lecture 37 Introduction to PLC Assessment

Lecture 38 Setting up the PLC Emulation and Task

Lecture 39 Scanning for Open Ports and Probing the Industrial Protocol with Nmap - Solution

Lecture 40 Assessing the PLC's Exposed Webserver - Solution

Lecture 41 Summary of PLC Assessment

Section 7: Human-Machine-Interface Assessment

Lecture 42 Introduction to Human-Machine-Interface Assessment

Lecture 43 Setting up the HMI Emulation and Task

Lecture 44 Scanning for Open Ports with Nmap - Solution

Lecture 45 Assessing the HMI's Remote Access Services - Solution

Lecture 46 Summary of Human-Machine-Interface Assessment and Bonus

Section 8: Summarizing the Findings and Reporting

Lecture 47 Introduction to Summarizing the Findings and Reporting

Lecture 48 Update the Network Topology - Task

Lecture 49 Update the Network Topology - Solution

Lecture 50 Discovering Undocumented Network Hosts

Lecture 51 Critical Findings: OT Network Architecture, Remote Access, PLC, HMI

Lecture 52 Summarizing Key-Findings in an Dashboard

Lecture 53 Reporting the Findings with ChatGPT

Lecture 54 Summary of Summarizing the Findings and Reporting

Section 9: Risk Assessment and Threat Modelling

Lecture 55 Introduction to Risk Assessment and Threat Modelling

Lecture 56 Risks of a Flat OT Network Architecture

Lecture 57 Risks of VPN Remote Access Router

Lecture 58 Security Maturity Levels as in IEC/ISA 62443

Lecture 59 Introduction to the ICS ATT&CK Framework

Lecture 60 Understanding common used techniques by creating a heatmap in ATT&CK

Lecture 61 Developing a Threat Scenario on the PLC and HMI using ATT&CK - Task

Lecture 62 Developing a Threat Scenario on the PLC and HMI using ATT&CK - Solution

Lecture 63 Mitigating Threats using the ATT&CK Mitigation Recommendations

Lecture 64 Developing a Threat Scenario using HAZOP and Dynamical Systems Theory

Lecture 65 Developing a Threat Scenario using the Use Case Abuse Model (OT Thought Model)

Lecture 66 Adding Identified Risks to the Report

Lecture 67 Summary of Risk Assessment and Threat Modelling

Section 10: Protection Techniques

Lecture 68 Introduction to Protection Techniques

Lecture 69 The Purdue Reference Model and the Automation Pyramid

Lecture 70 Defense in Depth Model

Lecture 71 System Hardening of the PLC

Lecture 72 System Hardening of the HMI and Secure HMI Screen Design

Lecture 73 System Hardening vs Threat Scenario in ICS ATT&CK

Lecture 74 Reducing the Risks of a Flat OT Network with Network Segmentation

Lecture 75 Best Practises for Secure Remote Access

Lecture 76 Remote Access via Jump Host

Lecture 77 Attack Surface Reduction with Secure Coding

Lecture 78 Adding Mitigation Recommendations to the Report

Lecture 79 Summary of Protection Techniques

Section 11: Connecting the IT and OT Worlds

Lecture 80 Introduction to Connecting the IT and OT Worlds

Lecture 81 Understanding the Workforce of the OT Side

Lecture 82 Analytical and Narrative Persuation

Lecture 83 Evolution of OT Devices

Lecture 84 Summary of Connecting the IT and OT Worlds

Lecture 85 Thank You, Closing Thoughts and Free ICS/OT Security Ressources

People who are curious about methods to assess and strengthen the cybersecurity posture of an OT environment.,Participants of Practical Industrial Control System Penetration Testing,IT Professionals,Automation Experts