CYRIN's New Attack Scenario - On An HVAC Scada System

Uploaded on 2025-01-29 in JOBS-Training, FREE TO VIEW

Brought to you by CYRIN

CYRIN's New Attack Scenario - on an HVAC Scada System

In this new Level Three scenario from CYRIN the student is presented with an OT (Operational Technology) network that controls the HVAC system for a building. Malware in the network has forced the temperature in the building to uncomfortably low values.

The student is tasked with finding the source of the Modbus commands forcing the low temperatures: the computer originating the commands and the malware process on the computer. The malware might have hidden itself; the student must unhide the process and kill it.

The student should have some familiarity with: (1) The Linux operating system, including commands to view processes and network connections, (2) The pfSense firewall. Students without these prerequisites should consider completing the CYRIN labs, Linux Operating System Fundamentals for Systems Administrators and Firewall Configuration with pfSense, before attempting this attack scenario.

Why this is Important
Hackers today have the capability to gain access to company information through the building control systems. The Industrial Control Industry is experiencing rapid digital transformation, driven by the adoption of smart technologies and interconnected systems. While these innovations provide greater efficiency and convenience, they also expose companies to significant cybersecurity risks. Every unsecured IoT device, every connected endpoint becomes a potential target for cyber attacks.

Like all our labs, this new attack scenario is mapped to the NIST NICE Framework, the MITRE ATT&CK Matrix and appropriate NSA CAE-CD and CAE-CO Knowledge Units.

These development efforts keep CYRIN at the forefront of new and innovative ways to train and teach cybersecurity. Inexpensive, easy-to-use and tailored to your schedule, the CYRIN labs are your entry to the world of cybersecurity.

To learn more about our content visit the CYRIN catalog page.

CYRIN – Where Training and Education Comes to You.

Image: Arkadiusz Warguła

You Might Also Read:

Salt Typhoon - The Chinese Telecom Hack:

If you like this website and use the comprehensive7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Immutable Backup: Have The Last Word Against Ransomware
Ransomware Readiness: Transforming Threat Into Organizational Resilience »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Checkmarx

Checkmarx

Checkmarx provides state-of-the-art application security solutions with static code analysis software.

InnoSec

InnoSec

InnoSec is a software manufacturer of cyber risk management technology.

Cyacomb

Cyacomb

Cyacomb (formerly Cyan Forensics) provides digital forensics software to help police forces find evidence on computers many times faster than before.

Information Systems Security Partners (ISSP)

Information Systems Security Partners (ISSP)

ISSP is a specialized system integrator focused on the information security needs of its corporate clients and providing best in class products and services for securing organizational information.

SEON Technologies

SEON Technologies

At SEON we strive to help online businesses reduce the costs, time, and challenges faced due to fraud.

Valire Software

Valire Software

Valire provide a solution for the automated detection of internal fraud.

Ziroh Labs

Ziroh Labs

Ziroh Labs leverages advanced cryptography to keep your highly sensitive, private data safe throughout the lifecycle of data.

Data Eliminate

Data Eliminate

Data Eliminate provide data destruction, secure end-of-life IT asset disposal, and data protection consultancy services.

Gula Tech Adventures

Gula Tech Adventures

Gula Tech Adventures invests in companies and nonprofits that help close the gap in needed technology and workforce to defend the country in cyberspace.

Opticks Security

Opticks Security

Opticks provides fraud detection and monitoring solutions for leading brands. agencies and networks. Our relentless mission is to deliver reliable and innovative software to beat digital fraud.

Gunnison Consulting Group

Gunnison Consulting Group

Gunnison Consulting Group serves the Federal Government with high quality IT consulting services.

Recon InfoSec

Recon InfoSec

The Recon InfoSec team includes analysts, architects, engineers, intrusion specialists, penetration testers, and operations experts.

UNS Inc.

UNS Inc.

UNS is a top services partner for multiple leaders in the global cybersecurity industry – we do business in 40 countries, including the United States, Canada, Chile, and Colombia.

Zenity

Zenity

Zenity is the first and only security governance platform for low-code/no-code applications.

Cyber Explorers

Cyber Explorers

Cyber Explorers is a fun, free and interactive learning platform for future digital superstars. An exciting addition to UK curriculum delivery or after school activities.

Realm.Security

Realm.Security

Realm.Security is pioneering the creation of an easy-to-implement, simple-to-use security fabric solution that is purpose-built for cybersecurity.

OryxAlign

OryxAlign

OryxAlign offer managed IT and cyber security, cloud and digital transformation, and tailored professional and consulting services.