Presented at
BruCON 0x09 (2017),
Oct. 6, 2017, 1:30 p.m.
(240 minutes).
There is a lot of talking about ICS, SCADA and such nowadays, but only few people have the opportunity to get their hands dirty and understand how it works. The goal of this workshop is to give the knowledge required to start attacking Scada networks and PLCs, and give hands-on experience on real devices and have fun hacking a model train !
In this workshop, you will learn the specifics of performing a penetration test on industrial control systems, and especially on Programmable Logic Controllers (PLCs). We will cover the main components and the commonly associated security flaws of industrial control systems, aka SCADA systems. We will discover how they work, how they communicate with the SCADA systems, to learn the methods and tools you can use to p*wn them.
Then we will move on to real-world by attacking real PLCs from two major manufacturers on a dedicated setup featuring a robot arm and a model train !
Presenters:
-
Alexandrine Torrents
Alexandrine Torrents is a cybersecurity consultant at Wavestone, a French consulting company. She is specialized in penetration testing, and performed several security assessment on ICS. She worked on a few ICS models to demonstrate attacks on PLCs and she developed a particular tool to request Siemens PLCs. Moreover, she is also working at securing ICS, in the scope of the French military law, enforcing companies offering a vital service to the nation to comply to security rules.
-
Arnaud SoulliƩ
Arnaud SoulliƩ is a manager at Wavestone, performing security audits and leading R&D projects. He has a specific interest in Active Directory security as well as ICS, two subjects that tend to collide nowadays. He teaches ICS security and pentests workshops at security conferences (BlackHat Europe 2014, BSides Las Vegas 2015/2016, Brucon 2015, DEFCON 24) as well as full trainings (Hack In Paris 2015).
Links:
Similar Presentations: