ICS/SCADA Security

by Edward Lee & Ellie Kim, NSHC

ICS/SCADA systems including power plants, factories, and transportation systems are some of the most critical systems in use today. There are a lot of vulnerabilities in SCADA systems that lie within not only the core protocols but also specific product vulnerabilities and network structures could expose an installation to attacks far more complex than traditional networks. This 3-day course has everything you need to take ICS systems apart, examine them for inherent weaknesses and plan on how to protect these facilities — many of which are 'unpatchable'. 
 
This 3-day course caters to engineers and researchers who wish to explore ICS/SCADA systems and will take them from the fundamentals of ICS security up to more advanced techniques. You will go away with the knowledge needed to perform real-world penetration tests against ICS installations and find your own 0-day vulnerabilities in ICS environments. 
 
All subjects in this course are taught using actual ICS products and miniaturised ICS systems for visualisation. 
 
This 3-day course will take place on 21-23 May 2018.
The cost of this training course is $4,000 SGD
 
Topics
  • ICS Introduction 
  • ICS/SCADA Architecture & Components 
  • ICS/SCADA Case Study
  • Scanning for HMIs & PLCs, then lead to Web Hacking
  • SCADA Vulnerabilities (1-Day)
  • Bypass Air-Gap (Radio Frequency, Bad USB, DNS, etc.)
  • Network Protocol Vulnerabilities of ICS/SCADA Devices
  • ICS/SCADA Network Analysis
  • Pentest into ICS Facilities (0-Day)
  • ICS/SCADA Vulnerabilities (0-Day)
  • Incident Response for SCADA System
Who Should Attend
  • IT/OT Managers & Engineers in ICS/SCADA facilities
  • Red Team members who want to pentest ICS/SCADA systems 
  • Members of the military or government cyber-warfare units 
  • Penetration Testers tasked with bypassing air-gap
 
Pre-requisite Knowledge
  • Basic knowledge of system hacking 
  • Basic knowledge of programming (C, Python) and system command would be a plus
  • Understand network and basic knowledge of TCP/IP
 
Hardware / Software Requirements
  • A laptop (64-bit, 8GB RAM, 30GB free hard drive space minimum)
  • VMware Fusion / Workstation / Player installed (Trial Version is OK)
 
About the Trainers
Edward Lee worked as a freelancer for penetration test over 8 years and software engineering over 5 years. His main job is training organisation or government agency like Cyber Police, National Security Agency, and the Ministry of Defense. He is interested in Artificial Intelligence (AI) research and development of games. He has a lot of experience in various government agencies as well as pentesting and training.
Ellie Kim is a Researcher at NSHC.

Infosec in the City. Copyright © 2017-2019
IIC Productions (Pte. Ltd.). All rights reserved.

  • @infoseccity
  • @infosec_city

Contact Us  |  Join Our Mailing List   |  Follow Us :