ICS/SCADA Security and Penetration Testing

nov-workshop-banner

The first international SCADA Security Training with ICS simulation and Cyber-War game system in Malaysia!

Click here to view more on ICS Simulation and Cyber-War game system

  • Venue: Condition Zebra Professional Learning Centre
  • Date: May 22-25, 2017 (4 days)
  • Time: 9.00am – 5.00pm

ICS/SCADA is the most important system that widely use in many Critical National Information Infrastructure including power plants, factories, transportations, national defence & security, food & agriculture all over the world. However, the SCADA system is not well secured and has lots of vulnerabilities on the network structure, protocol, and product.

These systems control critical components of industrial automation networks. If there’s a problem with it, the essential services (such as water and power) could shut down the services for thousands or millions of people.

Therefore, it makes SCADA system to exposed to more bigger risk than normal IT infrastructure. These risks can be connected to cyber warfare and cyber terror that cause huge accident to an organization or even a country.

This ICS/SCADA security training covers from the basic contents of SCADA system, real cases of SCADA system and various techniques to scan, hack and penetrate into it. It also teaches participants how to manage incident response and how to find the zero day vulnerabilities against the SCADA system.

During the training, participants will be provided with Cyber-War game system. It’s a cyber drill simulation for ICS/SCADA system as a demonstration. The participant will be able to evaluated their skill and knowledge with the system. It also shows real time competitions status of cyber-war with live scoreboard. 

At the end of the training, participants will have better understanding and skills to assess and securing their ICS/SCADA system.

Come, join us to learn the art of SCADA security!

Seats are limited. Reserve your seat now!

 

Course Outline:

  • ICS Introduction
  • ICS/SCADA Architecture and Components
  • ICS/SCADA Case Study
  • Scanning for HMIs and PLCs, then lead to Web Hacking
  • SCADA Vulnerabilities (1-Day)
  • Bypass Air-Gap
  • Network Protocols for SCADA
  • SCADA Network Analysis
  • Penetration Testing on Power Plants and Transportation System (0-day)
  • SCADA Vulnerabilities (0-Day)
  • Incident Response for SCADA System

 

Requirements:

  • Understanding of network and basic knowledge of TCP/IP
  • Participants can be anyone involved in securing a SCADA system, such as SCADA supervisors, analysts, system administrators and SCADA vendors
  • Desire to learn the method to secure cyber critical infrastructure

 

Learning Outcome:

  • Understand how the ICS/SCADA field is exposed to cyber threat and how vulnerable they are
  • How to diagnose which point has potential weakness and how to harden it
  • How to response when attacker breaches into the network or system
  • How to protect their facility from further cyber attack

 

Who Should Attend:

ICS/SCADA related engineer, administrator or manager. Cyber security researcher or consultant who has interest in ICS/SCADA field

 

Training Materials Provided:

  • Trainer slides
  • Equipment (including PLC – LS master K120S, bluetooth kit – Parani SD1000U, and etc.)
  • Tools and samples

 

Trainer Profile:

Louis Hur

Louis Hur is the CEO & Founder of NSHC Inc. He is responsible for NSHC’s day-to-day operations, as well as leading the company’s security product development and technology strategy. He is recognized throughout the security industry for his research in multiple areas including adversary profiling, industrial control systems security and software vulnerability research & analysis. He has more than 15 years of field-proven experience in security business that helps clients reduce their enterprise-wide IT security risk. He is also a frequent speaker on Internet Security issues and has appeared as an expert advisor in various media outlets and conferences, including HK TV, MBC, Black Hat, HITCON, ISEC, CISO Forum and Safe-Square.

Edward, Seungjun Lee

Seungjun worked as a freelancer for penetration test over 4 years and software engineering over 5 years. His main job is training organization or government agency like Cyber Police, National Security Agency, and Ministry of Defense. He is interested in Artificial Intelligence research and development of game. He has a lot of experience in various government agency as well as pen testing and training.

Seats are limited. Reserve your seat now!

 

Login

Password Reset
Please enter your registered e-mail address for InfoRisk 360 Instructor Portal. You will receive a new password via e-mail.