API Cybersecurity Conference Industrial Control Systems Workshop. Sponsored by Alpine Security

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "API Cybersecurity Conference Industrial Control Systems Workshop. Sponsored by Alpine Security"

Transcription

1 API Cybersecurity Conference Industrial Control Systems Workshop Sponsored by Alpine Security

2

3 Intro Incidents ICS Overview Lab Environment ICS Discovery ICS Vulnerability Scanning ICS System Exploitation ICS Protocol Exploitation

4 Objectives Learn how to perform a safe security assessment on an ICS environment Hands-on experience with tools and methods used to test/exploit ICS systems and protocols Provide a valuable and fun experience

5 Expectations Hands-on Environment vs Reality Not a race - don t just blindly go through exercises If you get stuck, ask an ICS Workshop Team member for help Not a Hacking workshop Don t hack into anything other than your own Virtual Machines Foundation building workshop

6 Aaron Dellamano Dave Jones Myles Kellerman Rich Norton Daniel Sewell Chris White Paul Wojciechowski Christian Espinosa ICS Team Members

7 Logistics Cell Phones Breaks Snacks Restrooms Emergencies Questions Timing

8

9 ICS Incidents

10 Stats 43% of global mining, oil, and gas companies were victims of at least one cyber attack in 2014 Symantec Energy companies lose $13.2 million on average annually due to cyber incidents, higher than any other industry - Ponemon Institute $1.9 Billion cost to Oil and Gas by Reuters

11 Why ICS? ICS networks now connected to Internet Belief that standalone systems are secure Greater damage can be achieved with tangible consequences Hoover Dam

12 Targeted energy sector Compromised 100s of organizations globally Aimed at disrupting energy supplies Targeted petroleum pipeline operators Malicious Attack Energetic Bear

13 Malicious Attack Energetic Bear Attack Vectors Havex Trojan well-known malware Metasploit free well-known tool Spear-phishing Watering Hole Attacks Compromised SCADA/ICS software updates

14 Malicious Attack Saudi Aramco Saudi Aramco world s largest oil producer was attacked in August 2012 Shamoon malware erased data on over 30k computers Forced company offline for 10 days

15 Malicious Attack Turkish Oil Pipeline Explosion In 2008 an explosion of a Turkish oil pipeline was originally thought a malfunction Dec confirmed Russian hackers performed a cyber attack that over-pressurized crude oil in the pipeline

16 Non-Malicious Attack Discovery Scanning Incident Ping sweep was performed on network that controlled 9- foot robotic arms One arm became active - swung 180 degrees The person in the room was outside the reach of the arm

17 Non-Malicious Attack Vulnerability Scanning Incident A vulnerability scan was performed on a food manufacturer s network Some traffic made it onto the control network Caused all PLCs controlling manufacturing to hang Resulted in $1M worth of damage

18 Non-Malicious Attack Penetration Testing Incident A gas utility hired a security company to conduct penetration testing on the corporate IT network The security company ventured out of scope into the ICS network, locking up the ICS system Gas utility was not able to send gas through its pipelines for 4 hours

19 ICS Security Overview

20 Source:

21 Common ICS Vulnerabilities Out-of-date technologies Out-of-date Operating Systems Out-of-date applications Unsecure network connectivity Unsecure interfaces Virus protection weak or nonexistent Lack of monitoring War-dialing vulnerabilities Software overflow weaknesses Etc.

22 Known Vulnerabilities Search for scada

23 Known Vulnerabilities Search for hmi

24 Known Vulnerabilities Search for plc

25 Source:

26 Source:

27 Exercise Caution Scan test network or non-production systems Backup systems prior to scanning Don t scan critical systems or scan during critical operations timeframes If the system truly is critical, there should be a redundant pair Scan one IP at a time or a small range Scan one IP of a failover pair

28 Risk Discovery Scanning Vulnerability Scanning Penetration Testing Non-intrusive Assessment

29 ICS Workshop Lab Setup

30 Lab Setup Overview Thumb Drive Manuals VMware All VMs expire Friday at 6pm,Central

31 Virtual Machines 1. Kali 2. Master PLC / HMI 3. Slave PLC 4. Targets

32 Exercises ICS Discovery ICS Vulnerability Scanning ICS System Exploitation ICS Protocol Exploitation

33 Kali Metasploit Armitage John the Ripper Wireshark Nmap Nessus Netcat Etc. Tools Used

34 Methodology Review Target Discovery Vulnerability Identification Penetration / Exploitation Discovery Vulnerability Identification Exploitation

35 ICS Workshop Setup and Configuration 25 Minutes

36 ICS Discovery

37 Discovery Vulnerability Identification Exploitation

38 Discovery Scanning Discovery Scanning involves finding live targets Examples: HMI PLCs Engineering Workstation Historian

39 What are we looking for? HMIs typically run on Windows, often XP Slave PLCs

40

41 Nmap Scripting Engine (NSE)

42 Nmap for ICS NSE Nmap Scripting Engine Has scripts designed to help discover and enumerates ICS systems: bacnet-info modbus-discover stuxnet-detect Siemens-CommunicationsProcessors.nse Siemens-SCALANCE-module.nse Siemens-WINCC.nse

43 Risk Discovery Scanning Vulnerability Scanning Penetration Testing Non-intrusive Assessment

44 ICS Target Discovery Exercise 25 Minutes

45 ICS Target Discovery Exercise Recap

46 ICS Vulnerability Scanning

47 Vulnerability DiscoveryICS System Exploitation Identification Exploitation

48 Vulnerability Scanners More intrusive than discovery tools like Nmap Dramatically increase likelihood of creating a DOS or undesired event Use with Extreme Caution or not at all on Production networks

49 Nessus SCADA Plugins

50

51

52 Risk Discovery Scanning Vulnerability Scanning Penetration Testing Non-intrusive Assessment

53 ICS Vulnerability Scanning Exercise 45 Minutes

54 ICS Target Discovery Exercise Recap

55 ICS System Exploitation

56 Vulnerability DiscoveryICS System Exploitation Identification Exploitation

57

58

59

60

61

62 Risk Discovery Scanning Vulnerability Scanning Penetration Testing Non-intrusive Assessment

63 ICS System Exploitation Exercise 45 Minutes

64 ICS Target Discovery Exercise Recap

65 ICS Protocol Exploitation

66 Vulnerability DiscoveryICS System Exploitation Identification Exploitation

67

68

69

70

71 B

72 Risk Discovery Scanning Vulnerability Scanning Penetration Testing Non-intrusive Assessment

73 ICS Protocol Exploitation Exercise 35 Minutes

74 ICS Target Discovery Exercise Recap

75 ICS Workshop Survey Contact Information (844) 9-ALPINE

Security Testing in Critical Systems

Security Testing in Critical Systems Security Testing in Critical Systems An Ethical Hacker s View Peter Wood Chief Executive Officer First Base Technologies Who is Peter Wood? Worked in computers & electronics since 1969 Founded First Base

More information

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) Page 1 of 6 Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description: Encompasses

More information

Team Members: Jared Romano, Rachael Dinger, Chris Jones, Miles Kelly Supervising Professor: Dr. George Collins Industry Advisor: Dr.

Team Members: Jared Romano, Rachael Dinger, Chris Jones, Miles Kelly Supervising Professor: Dr. George Collins Industry Advisor: Dr. Cyber Security 2014 Team Members: Jared Romano, Rachael Dinger, Chris Jones, Miles Kelly Supervising Professor: Dr. George Collins Industry Advisor: Dr. Joel Dubow Hacking Incidents Reported to the Cyber

More information

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM Course Description This is the Information Security Training program. The Training provides you Penetration Testing in the various field of cyber world.

More information

Breakthrough Cyber Security Strategies. Introducing Honeywell Risk Manager

Breakthrough Cyber Security Strategies. Introducing Honeywell Risk Manager Breakthrough Cyber Security Strategies Introducing Honeywell Risk Manager About the Presenter Eric D. Knapp @ericdknapp Global Director of Cyber Security Solutions and Technology for Honeywell Process

More information

Virtual Learning Tools in Cyber Security Education

Virtual Learning Tools in Cyber Security Education Virtual Learning Tools in Cyber Security Education Dr. Sherly Abraham Faculty Program Director IT and Cybersecurity Dr. Lifang Shih Associate Dean School of Business & Technology, Excelsior College Overview

More information

Vulnerability Assessment and Penetration Testing

Vulnerability Assessment and Penetration Testing Vulnerability Assessment and Penetration Testing Module 1: Vulnerability Assessment & Penetration Testing: Introduction 1.1 Brief Introduction of Linux 1.2 About Vulnerability Assessment and Penetration

More information

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus National Cyber League Certified Ethical Hacker (CEH) TM Syllabus Note to Faculty This NCL Syllabus is intended as a supplement to courses that are based on the EC- Council Certified Ethical Hacker TM (CEHv8)

More information

PTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access

PTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access The Best First for Beginners who want to become Penetration Testers PTSv2 in pills: Self-paced, online, flexible access 900+ interactive slides and 3 hours of video material Interactive and guided learning

More information

CRYPTUS DIPLOMA IN IT SECURITY

CRYPTUS DIPLOMA IN IT SECURITY CRYPTUS DIPLOMA IN IT SECURITY 6 MONTHS OF TRAINING ON ETHICAL HACKING & INFORMATION SECURITY COURSE NAME: CRYPTUS 6 MONTHS DIPLOMA IN IT SECURITY Course Description This is the Ethical hacking & Information

More information

Penetration Testing Report. Client: xxxxxx Date: 19 th April 2014

Penetration Testing Report. Client: xxxxxx Date: 19 th April 2014 1. Executive Summary Penetration Testing Report Client: xxxxxx Date: 19 th April 2014 On the 19th of April, a security assessment was carried out on the internal networks of xxxxxx, with the permission

More information

Agenda. Introduction to SCADA. Importance of SCADA security. Recommended steps

Agenda. Introduction to SCADA. Importance of SCADA security. Recommended steps Agenda Introduction to SCADA Importance of SCADA security Recommended steps SCADA systems are usually highly complex and SCADA systems are used to control complex industries Yet.SCADA systems are actually

More information

Vulnerability analysis

Vulnerability analysis Vulnerability analysis License This work by Z. Cliffe Schreuders at Leeds Metropolitan University is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License. Contents License Contents

More information

SCADA and Security Are they Mutually Exclusive? Terry M. Draper, PE, PMP

SCADA and Security Are they Mutually Exclusive? Terry M. Draper, PE, PMP SCADA and Security Are they Mutually Exclusive? Terry M. Draper, PE, PMP Today s Topics SCADA Overview SCADA System vs. IT Systems Risk Factors Threats Potential Vulnerabilities Specific Considerations

More information

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense Cyber Investigations Data Management Systems Security Data Security Analysis Digital Forensics Health Care Security Industrial

More information

Emerging SCADA and Security Solutions Presented by; Michael F. Graves, P.E. Chris Murphy, CISSP

Emerging SCADA and Security Solutions Presented by; Michael F. Graves, P.E. Chris Murphy, CISSP Emerging SCADA and Security Solutions Presented by; Michael F. Graves, P.E. Chris Murphy, CISSP July 25, 2014 Topics Improved 4G Communications Mobile Devices Cyber Security Threats Cyber Security Guidance

More information

INDUSTRIAL CONTROL SYSTEMS CYBER SECURITY DEMONSTRATION

INDUSTRIAL CONTROL SYSTEMS CYBER SECURITY DEMONSTRATION INDUSTRIAL CONTROL SYSTEMS CYBER SECURITY DEMONSTRATION Prepared for the NRC Fuel Cycle Cyber Security Threat Conference Presented by: Jon Chugg, Ken Rohde Organization(s): INL Date: May 30, 2013 Disclaimer

More information

Penetration Testing with Kali Linux

Penetration Testing with Kali Linux Penetration Testing with Kali Linux PWK Copyright 2014 Offensive Security Ltd. All rights reserved. Page 1 of 11 All rights reserved to Offensive Security, 2014 No part of this publication, in whole or

More information

Seven Strategies to Defend ICSs

Seven Strategies to Defend ICSs INTRODUCTION Cyber intrusions into US Critical Infrastructure systems are happening with increased frequency. For many industrial control systems (ICSs), it s not a matter of if an intrusion will take

More information

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus National Cyber League Certified Ethical Hacker (CEH) TM Syllabus Note to Faculty This NCL Syllabus is intended as a supplement to courses that are based on the EC- Council Certified Ethical Hacker TM (CEHv8)

More information

How Secure is Your SCADA System?

How Secure is Your SCADA System? How Secure is Your SCADA System? Charles Drobny GlobaLogix, Inc. Houston, TX, USA Our Industry is a Target 40% of cyber attacks on Critical Infrastructure targets are aimed at the Energy Industry The potential

More information

If you know the enemy and know yourself, you need not fear the result of a hundred battles.

If you know the enemy and know yourself, you need not fear the result of a hundred battles. Rui Pereira,B.Sc.(Hons),CIPS ISP/ITCP,CISSP,CISA,CWNA/CWSP,CPTE/CPTC Principal Consultant, WaveFront Consulting Group ruiper@wavefrontcg.com 1 (604) 961-0701 If you know the enemy and know yourself, you

More information

Build Your Own Security Lab

Build Your Own Security Lab Build Your Own Security Lab A Field Guide for Network Testing Michael Gregg WILEY Wiley Publishing, Inc. Contents Acknowledgments Introduction XXI xxiii Chapter 1 Hardware and Gear Why Build a Lab? Hackers

More information

Penetration Testing of Industrial Control Systems

Penetration Testing of Industrial Control Systems SF-1075-SUR (8-2005) SANDIA REPORT SAND2005-2846P Unlimited Release Printed March, 2005 Penetration Testing of Industrial Control Systems David P. Duggan Prepared by Sandia National Laboratories Albuquerque,

More information

IDS and Penetration Testing Lab ISA656 (Attacker)

IDS and Penetration Testing Lab ISA656 (Attacker) IDS and Penetration Testing Lab ISA656 (Attacker) Ethics Statement Network Security Student Certification and Agreement I,, hereby certify that I read the following: University Policy Number 1301: Responsible

More information

How to build a security assessment program. Dan Boucaut

How to build a security assessment program. Dan Boucaut How to build a security assessment program Dan Boucaut Agenda 1 Problem statement 2 Business case 3 How to avoid creating more problems Problem statement Security assessments are hard, costly and may take

More information

SCADA Security Example

SCADA Security Example SCADA Security Example Christian Paulino and Janusz Zalewski Florida Gulf Coast University December 2012 1. Introduction SCADA systems are always connected to a network, so they are vulnerable to attack.

More information

Course Duration: 80Hrs. Course Fee: INR 7000 + 1999 (Certification Lab Exam Cost 2 Attempts)

Course Duration: 80Hrs. Course Fee: INR 7000 + 1999 (Certification Lab Exam Cost 2 Attempts) Course Duration: 80Hrs. Course Fee: INR 7000 + 1999 (Certification Lab Exam Cost 2 Attempts) Course Module: 1. Introduction to Ethical Hacking 2. Footprinting a. SAM Spade b. Nslookup c. Nmap d. Traceroute

More information

NCS 430 Penetration Testing Lab #2 Tuesday, February 10, 2015 John Salamy

NCS 430 Penetration Testing Lab #2 Tuesday, February 10, 2015 John Salamy 1 NCS 430 Penetration Testing Lab #2 Tuesday, February 10, 2015 John Salamy 2 Item I. (What were you asked to do?) Complete Metasploit: Quick Test on page 88-108 of the Penetration Testing book. Complete

More information

North Dakota 2013 IT Security Audit Vulnerability Assessment & Penetration Test Project Briefing

North Dakota 2013 IT Security Audit Vulnerability Assessment & Penetration Test Project Briefing North Dakota 2013 IT Security Audit Vulnerability Assessment & Penetration Test Project Briefing Introduction ManTech Project Manager Mark Shaw, Senior Executive Director Cyber Security Solutions Division

More information

CPNI VIEWPOINT CYBER SECURITY ASSESSMENTS OF INDUSTRIAL CONTROL SYSTEMS

CPNI VIEWPOINT CYBER SECURITY ASSESSMENTS OF INDUSTRIAL CONTROL SYSTEMS CPNI VIEWPOINT CYBER SECURITY ASSESSMENTS OF INDUSTRIAL CONTROL SYSTEMS MARCH 2011 Acknowledgements This Viewpoint is based upon the Cyber Security Assessments of Industrial Control Systems Good Practice

More information

Web Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability

Web Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability Web Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability WWW Based upon HTTP and HTML Runs in TCP s application layer Runs on top of the Internet Used to exchange

More information

LOGIIC APPROVED FOR PUBLIC DISTRIBUTION

LOGIIC APPROVED FOR PUBLIC DISTRIBUTION LOGIIC Virtualization Project February 2015 Final Public Report Document Title LOGIIC Virtualization Project Public Report Version Version 1.0 Primary Author A. McIntyre (SRI) Distribution Category LOGIIC

More information

Penetration Testing. NTS330 Unit 1 Penetration V1.0. February 20, 2011. Juan Ortega. Juan Ortega, juaorteg@uat.edu. 1 Juan Ortega, juaorteg@uat.

Penetration Testing. NTS330 Unit 1 Penetration V1.0. February 20, 2011. Juan Ortega. Juan Ortega, juaorteg@uat.edu. 1 Juan Ortega, juaorteg@uat. 1 Penetration Testing NTS330 Unit 1 Penetration V1.0 February 20, 2011 Juan Ortega Juan Ortega, juaorteg@uat.edu 1 Juan Ortega, juaorteg@uat.edu 2 Document Properties Title Version V1.0 Author Pen-testers

More information

Cyber Security for SCADA/ICS Networks

Cyber Security for SCADA/ICS Networks Cyber Security for SCADA/ICS Networks GANESH NARAYANAN HEAD-CONSULTING CYBER SECURITY SERVICES www.thalesgroup.com Increasing Cyber Attacks on SCADA / ICS Systems 2 What is SCADA Supervisory Control And

More information

EC-Council Certified Security Analyst (ECSA)

EC-Council Certified Security Analyst (ECSA) EC-Council Certified Security Analyst (ECSA) v8 Eğitim Tipi ve Süresi: 5 Days VILT 5 Day VILT EC-Council Certified Security Analyst (ECSA) v8 Learn penetration testing methodologies while preparing for

More information

CYBERTRON NETWORK SOLUTIONS

CYBERTRON NETWORK SOLUTIONS CYBERTRON NETWORK SOLUTIONS CybertTron Certified Ethical Hacker (CT-CEH) CT-CEH a Certification offered by CyberTron @Copyright 2015 CyberTron Network Solutions All Rights Reserved CyberTron Certified

More information

Hacking Book 1: Attack Phases. Chapter 1: Introduction to Ethical Hacking

Hacking Book 1: Attack Phases. Chapter 1: Introduction to Ethical Hacking Hacking Book 1: Attack Phases Chapter 1: Introduction to Ethical Hacking Objectives Understand the importance of information security in today s world Understand the elements of security Identify the phases

More information

WHITE PAPER. An Introduction to Network- Vulnerability Testing

WHITE PAPER. An Introduction to Network- Vulnerability Testing An Introduction to Network- Vulnerability Testing C ONTENTS + Introduction 3 + Penetration-Testing Overview 3 Step 1: Defining the Scope 4 Step 2: Performing the Penetration Test 5 Step 3: Reporting and

More information

LEARNING COMPUTER SYSTEMS VULNERABILITIES EXPLOITATION THROUGH PENETRATION TEST EXPERIMENTS

LEARNING COMPUTER SYSTEMS VULNERABILITIES EXPLOITATION THROUGH PENETRATION TEST EXPERIMENTS 1 LEARNING COMPUTER SYSTEMS VULNERABILITIES EXPLOITATION THROUGH PENETRATION TEST EXPERIMENTS Te-Shun Chou and Tijjani Mohammed Department of Technology Systems East Carolina University chout@ecu.edu Abstract

More information

Ethical Hacking Course Layout

Ethical Hacking Course Layout Ethical Hacking Course Layout Introduction to Ethical Hacking o What is Information Security? o Problems faced by the Corporate World o Why Corporate needs Information Security? Who is a Hacker? o Type

More information

Endpoint Security and the Case For Automated Sandboxing

Endpoint Security and the Case For Automated Sandboxing WHITE PAPER Endpoint Security and the Case For Automated Sandboxing https://enterprise.comodo.com A World of Constant Threat We live in a world of constant threat. Hackers around the globe work every hour

More information

Automated Penetration Testing with the Metasploit Framework. NEO Information Security Forum March 19, 2008

Automated Penetration Testing with the Metasploit Framework. NEO Information Security Forum March 19, 2008 Automated Penetration Testing with the Metasploit Framework NEO Information Security Forum March 19, 2008 Topics What makes a good penetration testing framework? Frameworks available What is the Metasploit

More information

NETWORK PENETRATION TESTING

NETWORK PENETRATION TESTING Tim West Consulting 6807 Wicklow St. Arlington, TX 76002 817-228-3420 Twest@timwestconsulting.com OVERVIEW Tim West Consulting Tim West Consulting is a full service IT security and support firm that specializes

More information

Anthony J. Keane, MSc, PhD and Jason Flood, MSc Information Security & Digital Forensics Research Group Institute of Technology Blanchardstown

Anthony J. Keane, MSc, PhD and Jason Flood, MSc Information Security & Digital Forensics Research Group Institute of Technology Blanchardstown Anthony J. Keane, MSc, PhD and Jason Flood, MSc Information Security & Digital Forensics Research Group Institute of Technology Blanchardstown 1 Protected networks are continuously being successfully attacked

More information

Course Title: Course Description: Course Key Objective: Fee & Duration:

Course Title: Course Description: Course Key Objective: Fee & Duration: Course Title: Course Description: This is the Ethical hacking & Information Security Diploma program. This 6 months Diploma Program provides you Penetration Testing in the various field of cyber world.

More information

SETTING UP AND USING A CYBER SECURITY LAB FOR EDUCATION PURPOSES *

SETTING UP AND USING A CYBER SECURITY LAB FOR EDUCATION PURPOSES * SETTING UP AND USING A CYBER SECURITY LAB FOR EDUCATION PURPOSES * Alexandru G. Bardas and Xinming Ou Computing and Information Sciences Kansas State University Manhattan, KS 66506 bardasag@ksu.edu, xou@ksu.edu

More information

Cyber Assessment Methods for SCADA Security

Cyber Assessment Methods for SCADA Security INL/CON-05-00191 PREPRINT Cyber Assessment Methods for SCADA Security 15 th Annual Joint ISA POWID/EPRI Controls and Instrumentation Conference May Robin Permann Kenneth Rohde June 2005 This is a preprint

More information

Building the Next Generation of Computer Security Professionals. Chris Simpson

Building the Next Generation of Computer Security Professionals. Chris Simpson Building the Next Generation of Computer Security Professionals Chris Simpson Overview Why teach computer security to high school students Deciding what to teach What I taught Community Support Lessons

More information

Vinny Hoxha Vinny Hoxha 12/08/2009

Vinny Hoxha Vinny Hoxha 12/08/2009 Ethical Hacking and Penetration Testing Vinny Hoxha Vinny Hoxha 12/08/2009 What is Ethical Hacking? Types of Attacks Testing Approach Vulnerability Assessments vs. Penetration Testing Testing Methodology

More information

Industrial Control System Cyber Situational Awareness. Robert M. Lee* June 10 th, 2015

Industrial Control System Cyber Situational Awareness. Robert M. Lee* June 10 th, 2015 Industrial Control System Cyber Situational Awareness Robert M. Lee* June 10 th, 2015 Executive Summary Cyber situational awareness is the concept of understanding and visualizing the networked environment

More information

A New Layer of Security to Protect Critical Infrastructure from Advanced Cyber Attacks. Alex Leemon, Sr. Manager

A New Layer of Security to Protect Critical Infrastructure from Advanced Cyber Attacks. Alex Leemon, Sr. Manager A New Layer of Security to Protect Critical Infrastructure from Advanced Cyber Attacks Alex Leemon, Sr. Manager 1 The New Cyber Battleground: Inside Your Network Over 90% of organizations have been breached

More information

Distributed Systems Security

Distributed Systems Security Distributed Systems Security Tutorial Dennis Pfisterer Institute of Telematics, University of Lübeck http://www.itm.uni-luebeck.de/users/pfisterer Non Sequitur by Wiley Security - 08 Firewalls Assessing

More information

Using the Nessus Vulnerability Scanner on Control Systems

Using the Nessus Vulnerability Scanner on Control Systems Using the Nessus Vulnerability Scanner on Control Systems By Dale Peterson All too often we hear stories about the IT Department or some consultant running a vulnerability scan that takes down a key control

More information

ITEC441- IS Security. Chapter 15 Performing a Penetration Test

ITEC441- IS Security. Chapter 15 Performing a Penetration Test 1 ITEC441- IS Security Chapter 15 Performing a Penetration Test The PenTest A penetration test (pentest) simulates methods that intruders use to gain unauthorized access to an organization s network and

More information

CSSIA CompTIA Security+ Domain. Network Security. Network Security. Network Security. Network Security. Network Security

CSSIA CompTIA Security+ Domain. Network Security. Network Security. Network Security. Network Security. Network Security Security+ Supported Labs - V1 Lab 1 Network Devices and Technologies - Capturing Network Using tcpdump to Capture Network with Wireshark with Network Miner 2 Secure Network Administration Principles -

More information

Development of an Intrusion Detection and Prevention Course Project Using Virtualization Technology. Te-Shun Chou East Carolina University, USA

Development of an Intrusion Detection and Prevention Course Project Using Virtualization Technology. Te-Shun Chou East Carolina University, USA International Journal of Education and Development using Information and Communication Technology (IJEDICT), 20, Vol. 7, Issue 2, pp. 46-55. Development of an Intrusion Detection and Prevention Course

More information

NETWORK SECURITY WITH OPENSOURCE FIREWALL

NETWORK SECURITY WITH OPENSOURCE FIREWALL NETWORK SECURITY WITH OPENSOURCE FIREWALL Vivek Kathayat,Dr Laxmi Ahuja AIIT Amity University,Noida vivekkathayat@gmail.com lahuja@amity.edu ATTACKER SYSTEM: Backtrack 5r3( 192.168.75.10 ) HOST: Backtrack

More information

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks

More information

RISK IDENTIFY SECURITY RISKS SERVICE CORE

RISK IDENTIFY SECURITY RISKS SERVICE CORE BE FREE BE FREE OF RISK IDENTIFY SECURITY RISKS SERVICE CORE TALK TO OUR EXPERTS 1.877.222.8615 www.bestit.com Copyright 2013 BestIT.com Inc. IDENTIFY SECURITY RISKS Internal Governance Vulnerability Assessment

More information

Advanced & Persistent Threat Analysis - I

Advanced & Persistent Threat Analysis - I Advanced & Persistent Threat Analysis - I Burak Ekici ekcburak@hotmail.com Department of Computer Engineering, Yaşar University, Turkey. April 21, 2012 Burak Ekici (Dept. of Comp. Eng.) Advanced & Persistent

More information

Critical Infrastructure Security: The Emerging Smart Grid. Cyber Security Lecture 5: Assurance, Evaluation, and Compliance Carl Hauser & Adam Hahn

Critical Infrastructure Security: The Emerging Smart Grid. Cyber Security Lecture 5: Assurance, Evaluation, and Compliance Carl Hauser & Adam Hahn Critical Infrastructure Security: The Emerging Smart Grid Cyber Security Lecture 5: Assurance, Evaluation, and Compliance Carl Hauser & Adam Hahn Overview Assurance & Evaluation Security Testing Approaches

More information

NETWORK PENETRATION TESTS FOR EHR MANAGEMENT SOLUTIONS PROVIDER

NETWORK PENETRATION TESTS FOR EHR MANAGEMENT SOLUTIONS PROVIDER A C a s e s t u d y o n h o w Z e n Q h a s h e l p e d a L e a d i n g K - 1 2 E d u c a t i o n & L e a r n i n g S o l u t i o n s P r o v i d e r i n U S g a u g e c a p a c i t y o f t h e i r f l

More information

Cyber Risk Mitigation via Security Monitoring. Enhanced by Managed Services

Cyber Risk Mitigation via Security Monitoring. Enhanced by Managed Services Cyber Risk Mitigation via Security Monitoring Enhanced by Managed Services Focus: Up to But Not Including Corporate and 3 rd Party Networks Level 4 Corporate and 3 rd Party/Vendor/Contractor/Maintenance

More information

Aiming at Higher Network Security Levels Through Extensive PENETRATION TESTING. Anestis Bechtsoudis. http://bechtsoudis.com abechtsoudis (at) ieee.

Aiming at Higher Network Security Levels Through Extensive PENETRATION TESTING. Anestis Bechtsoudis. http://bechtsoudis.com abechtsoudis (at) ieee. Aiming at Higher Network Security Levels Through Extensive PENETRATION TESTING Anestis Bechtsoudis http://bechtsoudis.com abechtsoudis (at) ieee.org Athena Summer School 2011 Course Goals Highlight modern

More information

The Four-Step Guide to Understanding Cyber Risk

The Four-Step Guide to Understanding Cyber Risk Lifecycle Solutions & Services The Four-Step Guide to Understanding Cyber Risk Identifying Cyber Risks and Addressing the Cyber Security Gap TABLE OF CONTENTS Introduction: A Real Danger It is estimated

More information

Office of Emergency Communications (OEC) Mobile Applications for Public Safety (MAPS)

Office of Emergency Communications (OEC) Mobile Applications for Public Safety (MAPS) Office of Emergency Communications (OEC) Mobile Applications for Public Safety (MAPS) PSCR Public Safety Broadband Stakeholder Conference June 4 th, 2014 Alex Kreilein Technology Policy Strategist Office

More information

Unit 3 Research Project. Eddie S. Jackson. Kaplan University. IT540: Management of Information Security. Kenneth L. Flick, Ph.D.

Unit 3 Research Project. Eddie S. Jackson. Kaplan University. IT540: Management of Information Security. Kenneth L. Flick, Ph.D. Running head: UNIT 3 RESEARCH PROJECT 1 Unit 3 Research Project Eddie S. Jackson Kaplan University IT540: Management of Information Security Kenneth L. Flick, Ph.D. 10/07/2014 UNIT 3 RESEARCH PROJECT 2

More information

Creation of Pentesting Labs

Creation of Pentesting Labs Creation of Pentesting Labs By Kyle Barta Submitted to The Faculty of the Department of Information Technology In Partial Fulfillment of the Requirements for The Degree of Bachelor of Science In Information

More information

Vulnerability Risk Management 2.0. Best Practices for Managing Risk in the New Digital War

Vulnerability Risk Management 2.0. Best Practices for Managing Risk in the New Digital War Vulnerability Risk Management 2.0 Best Practices for Managing Risk in the New Digital War In 2015, 17 new security vulnerabilities are identified every day. One nearly every 90 minutes. This consistent

More information

WHITEPAPER. Nessus Exploit Integration

WHITEPAPER. Nessus Exploit Integration Nessus Exploit Integration v2 Tenable Network Security has committed to providing context around vulnerabilities, and correlating them to other sources, such as available exploits. We currently pull information

More information

WHITE PAPER: Cyber Crime and the Critical Need for Endpoint Security

WHITE PAPER: Cyber Crime and the Critical Need for Endpoint Security WHITE PAPER: Cyber Crime and the Critical Need for Endpoint Security A World of Constant Threat We live in a world on constant threat. Every hour of every day in every country around the globe hackers

More information

Malicious Websites uncover vulnerabilities (browser, plugins, webapp, server), initiate attack steal sensitive information, install malware, compromise victim s machine Malicious Websites uncover vulnerabilities

More information

Information Security. Training

Information Security. Training Information Security Training Importance of Information Security Training There is only one way to keep your product plans safe and that is by having a trained, aware and a conscientious workforce. - Kevin

More information

Ovation Security Center Data Sheet

Ovation Security Center Data Sheet Features Scans for vulnerabilities Discovers assets Deploys security patches easily Allows only white-listed applications in workstations to run Provides virus protection for Ovation Windows stations Aggregates,

More information

ICS-CERT Incident Response Summary Report

ICS-CERT Incident Response Summary Report ICS-CERT Incident Response Summary Report 20092011 OVERVIEW The Department of Homeland Security (DHS) Control Systems Security Program manages and operates the Industrial Control Systems Cyber Emergency

More information

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

White Paper. April 2006. Security Considerations for Utilities Utilities Tap Into the Power of SecureWorks

White Paper. April 2006. Security Considerations for Utilities Utilities Tap Into the Power of SecureWorks White Paper April 2006 Security Considerations for Utilities Utilities Tap Into the Power of SecureWorks According to a recent Harris Interactive survey, the country s leading business executives consider

More information

An Introduction to Network Vulnerability Testing

An Introduction to Network Vulnerability Testing CONTENTS Introduction 3 Penetration Testing Overview 4 Step 1: Defining the Scope 4 Step 2: Performing the Penetration Test 5 Step 3: Reporting and Delivering Results 6 VeriSign SecureTEST 7 Common Vulnerability

More information

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak Capture Link Server V1.00

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak Capture Link Server V1.00 Medical Device Security Health Imaging Digital Capture Security Assessment Report for the Kodak Capture Link Server V1.00 Version 1.0 Eastman Kodak Company, Health Imaging Group Page 1 Table of Contents

More information

Automated Protection on UCS with Trend Micro Deep Security

Automated Protection on UCS with Trend Micro Deep Security Copyright 2014 Trend Micro Inc. Automated Protection on UCS with Trend Micro Deep Security Chris Van Den Abbeele Senior presales Engineer Agenda 1. Industrialization of Cyber threats The boomerang of Project

More information

Firewalls and Software Updates

Firewalls and Software Updates Firewalls and Software Updates License This work by Z. Cliffe Schreuders at Leeds Metropolitan University is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License. Contents General

More information

Making Your Enterprise SSL Security Less of a Gamble

Making Your Enterprise SSL Security Less of a Gamble Making Your Enterprise SSL Security Less of a Gamble Rob Glickman Sr. Director, Product Marketing Amar Doshi Sr. Manager, Product Management Symantec Vision 2012 The VeriSign Seal is Now the Norton Secured

More information

MONTHLY WEBSITE MAINTENANCE PACKAGES

MONTHLY WEBSITE MAINTENANCE PACKAGES MONTHLY WEBSITE MAINTENANCE PACKAGES The security and maintenance of your website is serious business, and what you don t know can certainly hurt you. A hacked or spamvertised site can wreak havoc on search

More information

Information Security Assessment and Testing Services RFQ # 28873 Questions and Answers September 8, 2014

Information Security Assessment and Testing Services RFQ # 28873 Questions and Answers September 8, 2014 QUESTIONS ANSWERS Q1 How many locations and can all locations be tested from a A1 5 locations and not all tests can be performed from a central location? central location. Q2 Connection type between location

More information

Penetration Testing Workshop

Penetration Testing Workshop Penetration Testing Workshop Who are we? Carter Poe Nathan Ritchey Mahdi Shapouri Fred Araujo Outline Ethical hacking What is penetration testing? Planning Reconnaissance Footprinting Network Endpoint

More information

Security Testing Summary of Next-Generation Enterprise VoIP Solution: Unify Inc. OpenScape SBC V8

Security Testing Summary of Next-Generation Enterprise VoIP Solution: Unify Inc. OpenScape SBC V8 Security Testing Summary of Next-Generation Enterprise VoIP Solution: Unify Inc. OpenScape SBC V8 SR140531D 19 August 2014 Miercom www.miercom.com Overview Unify Inc. (formerly Siemens Enterprise Communications)

More information

Penetration Testing. Presented by

Penetration Testing. Presented by Penetration Testing Presented by Roadmap Introduction to Pen Testing Types of Pen Testing Approach and Methodology Side Effects Demonstration Questions Introduction and Fundamentals Penetration Testing

More information

Medical Device Security Health Group Digital Output

Medical Device Security Health Group Digital Output Medical Device Security Health Group Digital Output Security Assessment Report for the Kodak Color Medical Imager 1000 (CMI-1000) Software Version 1.1 Part Number 1G0434 Revision 2.0 June 21, 2005 CMI-1000

More information

Quick Start Guide: Utilizing Nessus to Secure Microsoft Azure

Quick Start Guide: Utilizing Nessus to Secure Microsoft Azure Quick Start Guide: Utilizing Nessus to Secure Microsoft Azure Introduction Tenable Network Security is the first and only solution to offer security visibility, Azure cloud environment auditing, system

More information

Maryland State Board of Elections Online Voter Services Penetration Testing Report

Maryland State Board of Elections Online Voter Services Penetration Testing Report Maryland State Board of Elections Online Voter Services Penetration Testing Report September 28, 2012 Richard F. Forno, Ph.D., Project Director University of Maryland, Baltimore County (UMBC) Contents

More information

INFORMATION SECURITY TRAINING CATALOG (2015)

INFORMATION SECURITY TRAINING CATALOG (2015) INFORMATICS AND INFORMATION SECURITY RESEARCH CENTER CYBER SECURITY INSTITUTE INFORMATION SECURITY TRAINING CATALOG (2015) Revision 3.0 2015 TÜBİTAK BİLGEM SGE Siber Güvenlik Enstitüsü P.K. 74, Gebze,

More information

Networks and Security Lab. Network Forensics

Networks and Security Lab. Network Forensics Networks and Security Lab Network Forensics Network Forensics - continued We start off from the previous week s exercises and analyze each trace file in detail. Tools needed: Wireshark and your favorite

More information

Intro to Firewalls. Summary

Intro to Firewalls. Summary Topic 3: Lesson 2 Intro to Firewalls Summary Basic questions What is a firewall? What can a firewall do? What is packet filtering? What is proxying? What is stateful packet filtering? Compare network layer

More information

Protecting Critical Infrastructure

Protecting Critical Infrastructure Protecting Critical Infrastructure SCADA Network Security Monitoring March 20, 2015 Table of Contents Introduction... 4 SCADA Systems... 4 In This Paper... 4 SCADA Security... 4 Assessing the Security

More information

DSL and Cable Modems: The Dangers of Having a Static IP Address

DSL and Cable Modems: The Dangers of Having a Static IP Address DSL and Cable Modems: The Dangers of Having a Static IP Address By Joe Edwards ECE 478 Spring 2000 1.0 Introduction As computer technology continues to rapidly progress, more and more people are abandoning

More information

Penetration Testing. Security Testing

Penetration Testing. Security Testing Penetration Testing Gleneesha Johnson Advanced Topics in Software Testing Fall 2004 Security Testing Method of risk evaluation Testing security mechanisms to ensure that their functionality is properly

More information

10 Application and Network Security and security testing. IT Governance CEN 667

10 Application and Network Security and security testing. IT Governance CEN 667 10 Application and Network Security and security testing IT Governance CEN 667 1 Project proposal (week 4) Goal of the projects are to find applicable measurement and metric methods to improve processes:

More information

Quick Start Guide to Ethical Hacking

Quick Start Guide to Ethical Hacking Quick Start Guide to Ethical Hacking Written by Matt Ford, CEH Includes: Example Lab with Kali Linux Introduction In this Guide to Ethical Hacking, Matt Ford of Foursys sets out the definition, goals and

More information

ICS/SCADA Security Analysis of a Beckhoff CX5020 PLC

ICS/SCADA Security Analysis of a Beckhoff CX5020 PLC ICS/SCADA Security Analysis of a Beckhoff CX5020 PLC Gregor Bonney, Hans Höfken, Benedikt Paffen and Marko Schuba FH Aachen, University of Applied Sciences, Eupenerstr. 70, Aachen, Germany {bonney, hoefken,

More information