CYRIN's New Attack Scenario - On An HVAC Scada System

Brought to you by CYRIN


CYRIN's New Attack Scenario - on an HVAC Scada System


In this new Level Three scenario from CYRIN the student is presented with an OT (Operational Technology) network that controls the HVAC system for a building. Malware in the network has forced the temperature in the building to uncomfortably low values.

The student is tasked with finding the source of the Modbus commands forcing the low temperatures: the computer originating the commands and the malware process on the computer. The malware might have hidden itself; the student must unhide the process and kill it.

The student should have some familiarity with: (1) The Linux operating system, including commands to view processes and network connections, (2) The pfSense firewall. Students without these prerequisites should consider completing the CYRIN labs, Linux Operating System Fundamentals for Systems Administrators and Firewall Configuration with pfSense, before attempting this attack scenario.

Why this is Important
Hackers today have the capability to gain access to company information through the building control systems. The Industrial Control Industry is experiencing rapid digital transformation, driven by the adoption of smart technologies and interconnected systems. While these innovations provide greater efficiency and convenience, they also expose companies to significant cybersecurity risks. Every unsecured IoT device, every connected endpoint becomes a potential target for cyber attacks.

Like all our labs, this new attack scenario is mapped to the NIST NICE Framework, the MITRE ATT&CK Matrix and appropriate NSA CAE-CD and CAE-CO Knowledge Units.

These development efforts keep CYRIN at the forefront of new and innovative ways to train and teach cybersecurity. Inexpensive, easy-to-use and tailored to your schedule, the CYRIN labs are your entry to the world of cybersecurity.

To learn more about our content visit the CYRIN catalog page.


CYRIN – Where Training and Education Comes to You.



Image: Arkadiusz Warguła

You Might Also Read:

Salt Typhoon - The Chinese Telecom Hack:


If you like this website and use the comprehensive7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« Immutable Backup: Have The Last Word Against Ransomware
Ransomware Readiness: Transforming Threat Into Organizational Resilience »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Internet Security Alliance (ISA)

Internet Security Alliance (ISA)

ISA is an international trade association providing thought leadership in advancing a sustainable system of cyber security.

ThreatHunter.ai

ThreatHunter.ai

ThreatHunter.ai (formerly Milton Security) is a business that tracks down and mitigates attacks in real time using our ARGOS Platform and our Elite Threat Hunters.

Texplained

Texplained

Texplained specializes in security audits of microchips to identify vulnerabilities and protect against invasive cyber attacks.

IDnext

IDnext

IDnext is the open and independent platform to support innovative approaches in the world of the Digital identity.

Basis Technology

Basis Technology

Basis Technology provides software solutions for text analytics, information retrieval, digital forensics, and identity resolution.

H-ON Consulting

H-ON Consulting

H-ON Consulting develops and applies robust cyber security procedures enabling control systems to be secure.

Uniwan

Uniwan

Uniwan is an IT services company specializing in networking and security.

Adzuna

Adzuna

Adzuna is a search engine for job ads used by over 10 million visitors per month that aims to list every job everywhere, including thousands of vacancies in Cybersecurity.

Q6 Cyber

Q6 Cyber

Q6 Cyber is an innovative threat intelligence company collecting targeted and actionable threat intelligence related to cyber attacks, fraud activity, and existing data breaches.

Defscope

Defscope

Defscope is an Azerbaijani company entirely focused on cybersecurity offering training, security consulting, and other professional services.

Green Enterprise Solutions

Green Enterprise Solutions

Green Enterprise Solutions are a Namibian company providing Information and Communication Technology (ICT) services to corporate Namibia.

Valeo Networks

Valeo Networks

Valeo Networks is a full-service Managed Security Service Provider (MSSP). We partner with organizations to remove the burden of technology so that they can focus on growing their business.

Gorilla Technology Group

Gorilla Technology Group

Gorilla specializes in video analytics, OT network security and big data to support a wide range of solutions for commercial, industrial, cities and government purposes.

Acronis

Acronis

At Acronis, we protect the data, applications, systems and productivity of every organization – safeguarding them against cyberattacks, hardware failures, natural disasters and human errors.

Runecast Solutions

Runecast Solutions

Runecast Solutions is a global leader in AI-powered risk mitigation, security, continuous compliance and more efficient IT operations management.

Sacumen

Sacumen

Sacumen is a niche player in the cybersecurity market, solving critical problems for security product companies.