Back to articles
Articles
Volume: 33 | Article ID: art00010
Image
Conception and Implementation of Professional Laboratory Exercises in the field of ICS/SCADA Security - Part I: Fundamentals
Maximilian Richter
Klaus Schwarz
Reiner Creutzburg
  DOI :  10.2352/ISSN.2470-1173.2021.3.MOBMU-073  Published OnlineJune 2021
Abstract

Industrial control systems are essential for producing goods, electricity generation, infrastructure maintenance, and the transport of energy, water, and gas. They form the core of the critical infrastructure of modern industrial nations and are therefore of particular interest. Through the increased inter-connectivity of formerly isolated ICS process environments and standard IT technologies such as Ethernet, processes can be optimized and synergies leveraged. However, ICS/SCADA also becomes the target of the same cyber-attacks as conventional IT systems. Therefore, it is necessary to combine IT security has accumulated knowledge and experience with the classic Safety-First-mentality of ICS/SCADA environments to avoid significant problems in the foreseeable future. The new course was created for precisely this purpose. The investigation of the security of systems and organizations in Red and Blue Teams has long proven it is worth and is used worldwide. The first part of the Red Team side exercise deals specifically with finding and exploiting security vulnerabilities. Red Teaming refers to an independent group that acts as a counterpart to an organization to improve its operational effectiveness and enhance its security. It is the declared goal of the Red Team to detect security vulnerabilities. This work is intended to convey this interfacing knowledge; in the practical exercises for Red Teaming, these hybrid infrastructures and systems’ weak points are identified and exploited. Students will participate in numerous hands-on exercises throughout the course using the tools and techniques that form the basis for attacks on infrastructure, such as industrial control systems. A detailed accompanying theory precedes the exercises, and the course is structured as follows:Introduction <list list-type="bullet"> <list-item>ICS Cyber Kill Chain</list-item> <list-item>Types of information gathering</list-item> </list>Red Team Tools <list list-type="bullet"> <list-item>Nmap</list-item> <list-item>Maltego</list-item> <list-item>Shodan</list-item> <list-item>Google hacking</list-item> <list-item>The Harvester</list-item> <list-item>Wireshark</list-item> <list-item>GrassMarlin</list-item> <list-item>Metasploit Framework (MSF)</list-item> <list-item>John the Ripper</list-item> </list>Exercise 1 - Open Source Intelligence (OSINT) <list list-type="bullet"> <list-item>Gathering information with Maltego</list-item> <list-item>Find Remote Access with Google and Shodan</list-item> </list>Exercise 2 - Analysis of network recordings <list list-type="bullet"> <list-item>Analysis of ICS network recordings with Wireshark</list-item> <list-item>Analysis of ICS network recordings with GrassMarlin</list-item> </list>

Journal Title : Electronic Imaging
Publisher Name : Society for Imaging Science and Technology
Publisher Location : IS&T 7003 Kilworth Lane • Springfield, VA 22151 USA
Subject Areas :
Views 25
Downloads 10
 DOI 10.2352/ISSN.2470-1173.2021.3.MOBMU-073
 articleview.views 25
 articleview.downloads 10
  Cite this article 

Maximilian Richter, Klaus Schwarz, Reiner Creutzburg, "Conception and Implementation of Professional Laboratory Exercises in the field of ICS/SCADA Security - Part I: Fundamentalsin Proc. IS&T Int’l. Symp. on Electronic Imaging: Mobile Devices and Multimedia: Technologies, Algorithms &amp; Applications,  2021,  pp 73-1 - 73-13,  https://doi.org/10.2352/ISSN.2470-1173.2021.3.MOBMU-073

 Copy citation
  Copyright statement 
Copyright © Society for Imaging Science and Technology 2021
72010604
Electronic Imaging
2470-1173
Society for Imaging Science and Technology
IS&T 7003 Kilworth Lane • Springfield, VA 22151 USA
10.2352/ISSN.2470-1173.2021.3.MOBMU-073
2470-1173(20210618)2021:3L.731;1-
ei_24701173_v2021n3_input/s12.xml
/ist/ei/2021/00002021/00000003/art00010
Articles
Conception and Implementation of Professional Laboratory Exercises in the field of ICS/SCADA Security - Part I: Fundamentals
RichterMaximilian
SchwarzKlaus
CreutzburgReiner
18062021
2021
3
73-1
73-13
2021
Industrial control systems are essential for producing goods, electricity generation, infrastructure maintenance, and the transport of energy, water, and gas. They form the core of the critical infrastructure of modern industrial nations and are therefore of particular interest. Through the increased inter-connectivity of formerly isolated ICS process environments and standard IT technologies such as Ethernet, processes can be optimized and synergies leveraged. However, ICS/SCADA also becomes the target of the same cyber-attacks as conventional IT systems. Therefore, it is necessary to combine IT security has accumulated knowledge and experience with the classic Safety-First-mentality of ICS/SCADA environments to avoid significant problems in the foreseeable future. The new course was created for precisely this purpose. The investigation of the security of systems and organizations in Red and Blue Teams has long proven it is worth and is used worldwide. The first part of the Red Team side exercise deals specifically with finding and exploiting security vulnerabilities. Red Teaming refers to an independent group that acts as a counterpart to an organization to improve its operational effectiveness and enhance its security. It is the declared goal of the Red Team to detect security vulnerabilities. This work is intended to convey this interfacing knowledge; in the practical exercises for Red Teaming, these hybrid infrastructures and systems’ weak points are identified and exploited. Students will participate in numerous hands-on exercises throughout the course using the tools and techniques that form the basis for attacks on infrastructure, such as industrial control systems. A detailed accompanying theory precedes the exercises, and the course is structured as follows:Introduction <list list-type="bullet"> <list-item>ICS Cyber Kill Chain</list-item> <list-item>Types of information gathering</list-item> </list>Red Team Tools <list list-type="bullet"> <list-item>Nmap</list-item> <list-item>Maltego</list-item> <list-item>Shodan</list-item> <list-item>Google hacking</list-item> <list-item>The Harvester</list-item> <list-item>Wireshark</list-item> <list-item>GrassMarlin</list-item> <list-item>Metasploit Framework (MSF)</list-item> <list-item>John the Ripper</list-item> </list>Exercise 1 - Open Source Intelligence (OSINT) <list list-type="bullet"> <list-item>Gathering information with Maltego</list-item> <list-item>Find Remote Access with Google and Shodan</list-item> </list>Exercise 2 - Analysis of network recordings <list list-type="bullet"> <list-item>Analysis of ICS network recordings with Wireshark</list-item> <list-item>Analysis of ICS network recordings with GrassMarlin</list-item> </list>
open source intelligenceOSINTcybersecurityRed TeamBlue TeamShodanMaltegoCensys