Simulating Attacks Against Hydroelectric Power Plants Using ICS Firing Range

Explore a comprehensive conference talk from DEF CON 32 that delves into building and exploiting an Industrial Control System (ICS) firing range to simulate cyberattacks on hydroelectric power plants. Learn about the critical aspects of attack simulation in infrastructure security, including the construction of physical and virtual networks, implementation of Active Directory environments, and intentional vulnerability placement. Follow along as the presentation demonstrates a complete Red Team assessment, from initial C2 infrastructure setup through the entire kill chain, while also examining defensive perspectives through analysis of network captures, Windows event logs, and memory dumps. Gain insights from both NVISO security professionals who built and attacked the firing range, and VERBUND's IT security team who utilize it for training, providing a balanced view of offensive and defensive strategies in protecting critical infrastructure.