Once again, Hackers-Arise receives international recognition in SCADA Hacking! On March 28, 2017, OTW detailed here how an attacker can get the Schneider Electric Modicom TM221 to spew out key information that an attacker can use to exploit the system. You can read about it here. Today, April 10, 2017, that vulnerability was recognized by […]

Nearly every SCADA/ICS system is built around programmable logic controllers or PLC’s. To understand the vulnerabilities of these systems, you must have some basic understanding of the programming of these systems. In this tutorial, we will learn a bit of PLC ladder programming to help you understand the logic and programming of the essential PLC’s […]

One of the challenges of hacking/pentesting SCADA/ICS has been that the protocols employed by this industry are different and distinct from “normal” IT. SCADA/ICS installations use a wide variety of protocols that often share little with the well-known Ethernet and TCP/IP protocols. For years, this difference has shielded these installations from security issues as a […]

In an earlier article, I laid out some of the varied methods of risk assessment in SCADA/ICS systems from academia, government and industry groups. As I pointed out there, SCADA/ICS risk estimation is especially difficult and nebulous. The probabilities of an event are difficult-to-impossible to obtain and the consequences of the event are sometimes so […]

SCADA/ICS security is probably the most important and most overlooked field of cyber security. In an era where cyber warfare is an everyday occurrence and cyber terrorism is an ongoing threat, these huge industrial facilities have large bulleyes on their backs. In some cases, taking down or disrupting just one of these plants could cost […]

Introduction One of the most crucial activities involved in securing SCADA/ICS systems is the initial Risk Assessment. Risk assessment is considered one of the industry’s Best Practices. If you presently work in information security, you are probably aware that risk assessment can be slippery and nebulous concept. Identifying and quantifying risk in any information technology […]

One the most important distinguishing characteristics of SCADA/ICS systems from that of traditional IT systems is that these systems communicate by distinctly different and, sometimes, proprietary protocols. In my previous tutorial, I detailed the inner anatomy of a the most common SCADA/ICS protocol, MODBUS. In this article we will examine probably the second most widely […]

As a penetration tester/hacker, we have many resources we can use to test SCADA/ICS system security. One of the most popular is the Metasploit Framework. Here, I have tried to compile a list of most of the Metasploit modules that are useful for testing/hacking SCADA/ICS. Please keep in mind that SCADA/ICS sites use varied hardware […]

SCADA/ICS systems use many different protocols to communicate than your standard IT systems. The most widely used and the de facto standard is the modbus protocol. First developed by Modicon (now Schneider Electric) in 1979 as a serial protocol, it has been modified and updated to run over TCP and is often referred to as […]