
Exfiltrating Reconnaissance Data from Air-Gapped ICS - SCADA Networks

Black Hat via YouTube

Overview

Explore a Black Hat conference talk that delves into the scenario of an attacker compromising air-gapped industrial control systems (ICS) and SCADA networks using autonomous malware. Learn about reconnaissance techniques used to discover network topology, identify specific industrial devices, and potentially extract sensitive intellectual property. Understand the intricacies of programmable logic controllers (PLCs), including PLC blocks, ladder logic, and frequency manipulation. Discover various attack vectors, data exfiltration methods, and detection techniques. Examine the impact of power surges, PLC modes, and CPU utilization on these systems. Investigate passive monitoring, reverse engineering, and the challenges of outdated software in ICS/SCADA environments. Gain insights into the potential vulnerabilities of critical infrastructure and the sophisticated methods employed by threat actors targeting air-gapped networks.

Syllabus

Introduction
What are OT networks
Getting to OT networks
Attack vectors
Introduction to PLCs
PLC Blocks
Ladder Logic
Frequency
Ladder Logic
Receiving
Receiving Data
Detection
Questions
Power surges
PLC modes
CPU utilization
PLC CPU utilization
PLC noise
disturbances on other instructions
testing other instructions
what's producing the AM directing
reading data from 1m
better antenna
better result
outdated software
passive monitoring
reverse engineering

Taught by

Black Hat
