Learn to defend crucial ICS/SCADA infrastructure from devastating attacks the tried-and-true Hacking Exposed way
This practical guide reveals the powerful weapons and devious methods cyber-terrorists use to compromise the devices, applications, and systems vital to oil and gas pipelines, electrical grids, and nuclear refineries. Written in the battle-tested Hacking Exposed style, the book arms you with the skills and tools necessary to defend against attacks that are debilitating—and potentially deadly.
Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets & Solutions explains vulnerabilities and attack vectors specific to ICS/SCADA protocols, applications, hardware, servers, and workstations. You will learn how hackers and malware, such as the infamous Stuxnet worm, can exploit them and disrupt critical processes, compromise safety, and bring production to a halt. The authors fully explain defense strategies and offer ready-to-deploy countermeasures. Each chapter features a real-world case study as well as notes, tips, and cautions.
- Features examples, code samples, and screenshots of ICS/SCADA-specific attacks
- Offers step-by-step vulnerability assessment and penetration test instruction
- Written by a team of ICS/SCADA security experts and edited by Hacking Exposed veteran Joel Scambray
|Sold by:||Barnes & Noble|
|File size:||30 MB|
|Note:||This product may take a few minutes to download.|
About the Author
Clint Bodungen (Houston, TX) is an industry-recognized ICS/SCADA security researcher and penetration testing expert with more than 20 years of experience.
Bryan L. Singer, CISSP, CAP (Montevallo, AL), is an industry-recognized industrial security expert and principal investigator with Kenexis Security Corporation.
Aaron Shbeeb (Houston, TX) has worked for more than a decade in a variety of programming and security positions, including ICS/SCADA, and specializes in secure programming practices.
Kyle Wilhoit (Festus, MO) is a senior threat researcher at Trend Micro. He focuses on original threat, malware, vulnerability discovery/analysis, and criminal activity on the Internet.
Stephen Hilt (Chattanooga, TN) is an Information Security and ICS Security expert and researcher who has published numerous ICS-Specific Nmap scripts that identify ICS protocols via native commands.
Table of ContentsPart 1: Setting the Stage: Putting ICS Penetration Testing in Context
Case Study 1: Recipe for Disaster
Chapter 1: Introduction to ICS [in] Security
Chapter 2: ICS Risk Assessment
Chapter 3: ICS Threat Intelligence/Threat Modeling
Case Study 2: The Emergence of a Threat Part 2: Hacking Industrial Control Systems
Case Study 3: A Way In
Chapter 4: ICS Hacking (Penetration Testing) Strategies
Chapter 5: Hacking Industrial Protocols
Chapter 6: Hacking ICS Devices and Applications
Chapter 7: ICS "Zero Day" Vulnerability Research
Chapter 8: ICS Malware
Case Study 4: Foothold Part 3: Putting It All Together: ICS Risk Mitigation
Case Study 5: How Will it End?
Chapter 9: ICS Cybersecurity Standards Primer
Chapter 10: ICS Risk Mitigation and Countermeasure Strategies Part 4: Appendices Appendix A: Glossary of Acronyms and Abbreviations
Appendix B: Glossary of Terminolog
Appendix C: ICS Risk Assessment and Penetration Testing Methodology Template