Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Nakatomi Space - Lateral Movement as L1 Post-Exploitation in OT

Hack In The Box Security Conference via YouTube

Overview

Explore lateral movement techniques in Operational Technology (OT) networks through this conference talk from the Hack In The Box Security Conference. Delve into the vulnerabilities of Purdue Reference Model Level 1 (L1) devices like PLCs and DCS controllers, and understand how they can be exploited to bypass security perimeters in interfaced Basic Process Control System (BPCS) and Safety Instrumented System (SIS) architectures. Examine real-world BPCS/SIS architectures and 3rd party package unit setups, focusing on lateral movement options at the lowest Purdue levels. Witness an in-depth demonstration of a multi-stage exploit chain, featuring previously undisclosed authentication bypass and RCE vulnerabilities in a widely used PLC. Gain insights into hardening strategies to mitigate attacker lateral movement at the lowest Purdue levels, enhancing overall OT network security.

Syllabus

#HITB2023AMS D1T1 - Nakatomi Space: Lateral Movement As L1 Post-Exploitation In OT - Jos Wetzels

Taught by

Hack In The Box Security Conference

Reviews

Start your review of Nakatomi Space - Lateral Movement as L1 Post-Exploitation in OT

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.