Welcome back, my aspiring cyberwarriors! Recent events have once again emphasized the importance of SCADA security! On May 7, 2021, Colonial Pipeline was attacked with ransomware and was forced the close down a pipeline carrying 45% of the gasoline to major US East Coast cities (NYC, Philadelphia, Washington DC, etc.). This set up gasoline shortages […]
Continue Reading
Welcome back, my aspiring SCADA Security Engineer! As you know, SCADA/ICS systems around the world are under attack. These systems are industrial systems that make up the infrastructure of any nation’s economy and are the prime targets in any cyberwar. In such a war, these systems can be easily found via a variety of tools […]
Continue Reading
As white-hat hackers, ultimately we want to be able to develop exploits for SCADA/ICS systems. In this way, we can find vulnerabilities and exploits before the Black Hats and patch the vulnerability before any bad guys take advantage of it. In this article, I want to give you a basic outline of the process of […]
Continue Reading
Welcome back, my aspiring SCADA cyber warriors! SCADA/ICS infrastructure is under continuous threat. These systems are crucial to any nation’s economic health and well-being and are the primary target in any cyber war. These systems include the electrical grid, waster water systems, manufacturing, petrochemical refining, chemical processing and nearly any industrial process. If an adversary […]
Continue Reading
Welcome back, my aspiring SCADA/ICS cyberwarriors! Let’s begin by congratulating you on your foresight in committing to study SCADA/ICS hacking and security. This is certainly THE most important security issue this decade! In general, SCADA/ICS hacks have been of two types; Hack the protocols (modbus, DNP3, Profitnet, etc); Hack the Human Machine Interface (HMI) In […]
Continue Reading
SCADA and ICS systems control industrial processes around the world. Everything from railroads, to traffic lights, to oil refineries to commercial buildings are all controlled by these SCADA/ICS systems. Some of the recent concern about these systems is the possible hacking of them by terrorists or by cyber war opponents. In either case, the results […]
Continue Reading
Welcome back, my tenderfoot hackers! Google Hacking and Dorks As most of you know, Google crawls the globe and stores and indexes the information it finds on nearly every web site and page. Saying this involves a lot of information is an significant understatement. Few people, though, understand that Google has a proprietary language to […]
Continue Reading
As you study SCADA/ICS hacking and security, it is useful to look back at some of the most successful SCADA/ICS attacks in history. In this way, you may gain some insight as to how future attacks may attempt to infiltrate your industrial control systems. Among the most famous and ingenious of these SCADA/ICS attacks became […]
Continue Reading
Welcome back, my aspiring network forensic investigators! Now that you have a basic understanding of Wireshark and have conducted an analysis of a malware attack using Wireshark, let’s expand our purview of network attacks to that critical but often overlooked area of IT security, SCADA/ICS security. Unlike most attacks on IT security, attacks on SCADA/ICS […]
Continue Reading
SCADA and Industrial Control Sites (ICS) are among the most crucial and most vulnerable sites. These sites include everything from nuclear power plants, to home HVAC systems and everything in between. The security of these systems is slightly different than traditional IT systems. In traditional IT systems we are protecting the data. With SCADA/ICS systems […]
Continue Reading