Explore deep lateral movement techniques in operational technology (OT) networks through this Black Hat conference talk. Examine various tactics, techniques, and procedures (TTPs) attackers can deploy to navigate through embedded device networks at the lowest levels. Gain insights into the security vulnerabilities of Purdue Reference Model Level 1 (L1) devices such as PLCs and RTUs, which are often treated as security perimeters despite their notorious insecurity. Discover how these devices, positioned at the intersection of multiple mixed networks (Ethernet, Industrial wireless, Fieldbus, etc.), can be exploited for lateral movement. Learn about the implications of treating L1 devices as security boundaries without proper hardening and risk profiling. Presented by Jos Wetzels, this 46-minute talk provides valuable knowledge for cybersecurity professionals and OT network administrators seeking to enhance their understanding of potential attack vectors in industrial control systems.
Nakatomi Space - Lateral Movement as L1 Post-exploitation in OT
Overview
Syllabus
Nakatomi Space: Lateral Movement as L1 Post-exploitation in OT
Taught by
Black Hat
Related Courses
-
Nakatomi Space - Lateral Movement as L1 Post-Exploitation in OT
-
The Industrial Revolution of Lateral Movement
-
Confessions of an IT OT Marriage Counselor
-
Network Defender Archeology - An NSM Case Study in Lateral Movement with DCOM
-
5 Lessons Learned From the ICS Frontlines - 2020 Year in Review
-
Catching WMI Lateral Movement in an Enterprise Network
