Explore the critical cybersecurity issues surrounding Industrial Control Systems (ICS) and SCADA in this comprehensive conference talk from HITB CyberWeek. Delve into the background of ICS/SCADA, examining potential security threats and attack vectors. Witness a live demonstration of hacking an LC using industrial communication protocols and PLC services. Learn how to develop Lua plugins for Wireshark and create exploit code from a hacker's perspective. Discover effective protection strategies to secure ICS/SCADA environments after understanding common attack methods. Gain insights from real-world cyber incidents, including the 2015 Ukraine Power Grid attack, 2017 Triton/Trisis Malware attack, and 2018 Taiwan Semiconductor Factory Malware attack. Explore ICS vulnerabilities, threat hunting techniques using PLC honeypots, and the presence of ICS protocols on Shodan. Examine various attack vectors, including communication protocol attacks and command injections, while learning about fortification strategies for OT cyber defense using a defense-in-depth approach. Read more