Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets & Solutions

This hands-on guide exposes the devious methods cyber threat actors use to compromise the hardware and software central to petroleum pipelines, electrical grids, and nuclear refineries. Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets and Solutions shows, step-by-step, how to implement and maintain an ICS-focused risk mitigation framework that is targeted, efficient, and cost-effective. The book arms you with the skills necessary to defend against attacks that are debilitating―and potentially deadly. See how to assess risk, perform ICS-specific threat modeling, carry out penetration tests using “ICS safe” methods, and block malware. Throughout, the authors use case studies of notorious attacks to illustrate vulnerabilities alongside actionable, ready-to-deploy countermeasures.

Learn how to:

• Assess your exposure and develop an effective risk management plan
• Adopt the latest ICS-focused threat intelligence techniques
• Use threat modeling to create realistic risk scenarios
• Implement a customized, low-impact ICS penetration-testing strategy
• See how attackers exploit industrial protocols
• Analyze and fortify ICS and SCADA devices and applications
• Discover and eliminate undisclosed “zero-day” vulnerabilities
• Detect, block, and analyze malware of all varieties

About the Authors

Clint Bodungen is an industry-recognized ICS/SCADA security researcher and penetration testing expert with more than 20 years of experience.

Bryan L. Singer, CISSP, CAP is an industry-recognized industrial security expert and principal investigator with Kenexis Security Corporation.

Aaron Shbeeb has worked for more than a decade in a variety of programming and security positions, including ICS/SCADA, and specializes in secure programming practices.

Kyle Wilhoit is a senior threat researcher at Trend Micro. He focuses on original threat, malware, vulnerability discovery/analysis, and criminal activity on the Internet.

Stephen Hilt is an Information Security and ICS Security expert and researcher who has published numerous ICS-Specific Nmap scripts that identify ICS protocols via native commands.