TRAINING: Advance OT/ ICS Industrial Security with ICS Range & Tekniska – 2024/05/14
- Exceptional advanced training with hands-on elements.
- Intense day with coffee and lunch to strengthen your strength.
- Fantastic trainers – ICS cybersecurity practitioners from ICSRange and Tekniska.
- Limited number of participants.
- BYOD – the first 4 people can count on the use of Tekniska training laptops.
- Training in ENGLISH.
This advanced course provides IT/OT security professionals and ICS/OT engineers interested in testing and gaining new knowledge in industrial product and network OT security.
During the day, students will have access to the ICS Range OT security platform, a 24/7 interactive OT security platform.
This course introduces advanced tools and methods for both attacking and defending OT industrial environments.
Through a series of both blue team and red team exercises, the student is trained to identify and exploit vulnerabilities in real OT equipment.
The course also trains to investigate unusual activity in an industrial system or network. The course instructors are some of the leading experts in their field, coming from the ICS Range.
During this 1-day training you will learn:
- How to plan and implement a security assessment (pen-test) on an industrial network
- How to find security vulnerabilities in OT equipment and potentially exploit them.
- How to reverse engineer OT equipment.
- How to evaluate and examine network (pcap) files to find anomalies.
- Attacking a simulated power substation configuration.
- Apply newly acquired knowledge to both defending and attacking OT/ICS equipment.
Requirements:
- Please have a positive attitude, a willingness to learn and accept a possible steep learning curve, depending on your current skill set.
- We also ask that you bring a properly configured laptop with enough access rights to install software, for example (I7, 32 GB of RAM and 100 GB of free hard drive space) without any sensitive/critical data and Internet access.
- Please pre-install the Kali Purple Linux distribution from OffSec on your laptop before attending the class.
- Basic knowledge and understanding of the industrial world of OT/ICS.
- The participant, using his own hardware during the course, can have the Kali Linux operating system installed directly or Windows with Kali Linux as a virtual machine. Regardless of the option chosen, the participant must be able to operate the software and hardware independently (IT support will not be provided to participants by instructors).
- While the first hour is devoted to a quick refresher on OT safety, this is not the usual OT introductory class found elsewhere!
- Prior experience in network assessment, IT/OT security assessment and software reversal knowledge would be highly beneficial and recommended to get the full value of this class.*
Trainers Team
- Mikael Vingaard
is the CEO and founder @ ICS Range and has 25+ years of experience within Blue & Red teams, auditing and other activities within IT/OT critical infrastructure.
Mikael has taught (and is teaching) OT (Operational Technology) security at many different OT security conferences and is a sought-after key-note speaker and instructor, also currently the only student in the global OT SANS alumni community, that have awarded 4 of 4 challenge coins (SANS 410/515/612/456 classes).
He has been working with large organizations, critical infrastructure providers and government entries – to provide a better understanding of OT Security, with a real-life perspective – taken from his vast knowledge on previous assignments.
Also working with ICS/SCADA Honeypots threat intelligence – building real OT/ICS threat intelligence.
Samples of Mikael’s public work
CVE-2016-9367 | https://www.cisa.gov/uscert/ics/advisories/ICSA-16-336-02
CVE-2018-10632 | https://ics-cert.us-cert.gov/advisories/ICSA-18-200-04
CVE-2019-10953 | https://www.cisa.gov/uscert/ics/advisories/ICSA-19-106-03 - Jens Nielsen is a 26-year-old security researcher from Denmark who started in IT-security and moved to OT-security in 2022.
In December 2021 He was a front-runner for patching during the log4j incident, creating PowerShell scripts for deployment with BCM to find vulnerable applications and patch them automatically, before any official tools were available.
Jens is heavily involved in the CTF community and has been playing at the highest level with Kalmarunionen for 3 years. He has also taken part of the Danish national championships in hacking, where in 2022 he placed 1st in his region and 6th in the national rankings.
Jens’ strengths are mainly found in low-level systems, with a deep understanding of reverse engineering and binary exploitation. This skillset has been used to find multiple vulnerabilities in different types of systems.
He found his first real 0-day vulnerability during the CTF Real-World CTF Jan 24th 2022. Where he discovered a path traversal vulnerability in the Qiling Framework, which allows for a sandbox escape.
He has since found, helped find, and responsibly reported multiple bugs in OT systems under ICSRange, including, but not limited to:
CVE-2022-2044
CVE-2022-2043
CVE-2022-3088
CVE-2023-1257
CVE-2023-20235 - Piotr Urbańczyk – GRID, C)NFE, C)PTE, GIAC Advisory Board,Senior SCADA Security Architect from Tekniska.
Security professional since 2006. Computer networks since 2001. Broke his first computer to his parents in 1992. Experienced in battle on the ground of multinational corporations as well as state-owned companies. Most of his professional experience was gained in power system environments. Currently at Tekniska, he is involved in control system safety architecture. He continues to break down computers, networks and systems on behalf of their owners, both as a hobby and professionally. He is a certified network engineer, computer forensic scientist and pentester. He has earned GRID certification and membership on the GIAC Advisory Board – they say he knows his way around ICS security.
* If you need intro training or prefer to attend a theoretical or less advanced training/workshop – let us know – if there are more of you we will organize such an event (No individual IT support service will be provided during the class on the participant’s own laptop).