top of page
Search
Writer's pictureInfosec In the City (IIC)
Dec 1, 20172 min read

#IICSG2018 Training — ICS/SCADA Security

by Edward Lee & Ellie Kim, NSHC


ICS/SCADA systems including power plants, factories, and transportation systems are some of the most critical systems in use today. There are a lot of vulnerabilities in SCADA systems that lie within not only the core protocols but also specific product vulnerabilities and network structures could expose an installation to attacks far more complex than traditional networks. This 3-day course has everything you need to take ICS systems apart, examine them for inherent weaknesses and plan on how to protect these facilities — many of which are 'unpatchable'.  This 3-day course caters to engineers and researchers who wish to explore ICS/SCADA systems and will take them from the fundamentals of ICS security up to more advanced techniques. You will go away with the knowledge needed to perform real-world penetration tests against ICS installations and find your own 0-day vulnerabilities in ICS environments.  All subjects in this course are taught using actual ICS products and miniaturised ICS systems for visualisation. 


Date: 21-23 May 2018

Cost: $4,000 SGD


Topics

  • ICS Introduction 

  • ICS/SCADA Architecture & Components 

  • ICS/SCADA Case Study

  • Scanning for HMIs & PLCs, then lead to Web Hacking

  • SCADA Vulnerabilities (1-Day)

  • Bypass Air-Gap (Radio Frequency, Bad USB, DNS, etc.)

  • Network Protocol Vulnerabilities of ICS/SCADA Devices

  • ICS/SCADA Network Analysis

  • Pentest into ICS Facilities (0-Day)

  • ICS/SCADA Vulnerabilities (0-Day)

  • Incident Response for SCADA System

Who Should Attend

  • IT/OT Managers & Engineers in ICS/SCADA facilities

  • Red Team members who want to pentest ICS/SCADA systems 

  • Members of the military or government cyber-warfare units 

  • Penetration Testers tasked with bypassing air-gap

Pre-requisite Knowledge

  • Basic knowledge of system hacking 

  • Basic knowledge of programming (C, Python) and system command would be a plus

  • Understand network and basic knowledge of TCP/IP

Hardware / Software Requirements

  • A laptop (64-bit, 8GB RAM, 30GB free hard drive space minimum)

  • VMware Fusion / Workstation / Player installed (Trial Version is OK)

About the Trainers

Edward Lee worked as a freelancer for penetration test over 8 years and software engineering over 5 years. His main job is training organisation or government agency like Cyber Police, National Security Agency, and the Ministry of Defense. He is interested in Artificial Intelligence (AI) research and development of games. He has a lot of experience in various government agencies as well as pentesting and training.


Ellie Kim is a Researcher at NSHC.

62 views0 comments

コメント

bottom of page