CYRIN's New Attack Scenario - On An HVAC Scada System

Uploaded on 2025-01-29 in JOBS-Training, FREE TO VIEW

Brought to you by CYRIN

CYRIN's New Attack Scenario - on an HVAC Scada System

In this new Level Three scenario from CYRIN the student is presented with an OT (Operational Technology) network that controls the HVAC system for a building. Malware in the network has forced the temperature in the building to uncomfortably low values.

The student is tasked with finding the source of the Modbus commands forcing the low temperatures: the computer originating the commands and the malware process on the computer. The malware might have hidden itself; the student must unhide the process and kill it.

The student should have some familiarity with: (1) The Linux operating system, including commands to view processes and network connections, (2) The pfSense firewall. Students without these prerequisites should consider completing the CYRIN labs, Linux Operating System Fundamentals for Systems Administrators and Firewall Configuration with pfSense, before attempting this attack scenario.

Why this is Important
Hackers today have the capability to gain access to company information through the building control systems. The Industrial Control Industry is experiencing rapid digital transformation, driven by the adoption of smart technologies and interconnected systems. While these innovations provide greater efficiency and convenience, they also expose companies to significant cybersecurity risks. Every unsecured IoT device, every connected endpoint becomes a potential target for cyber attacks.

Like all our labs, this new attack scenario is mapped to the NIST NICE Framework, the MITRE ATT&CK Matrix and appropriate NSA CAE-CD and CAE-CO Knowledge Units.

These development efforts keep CYRIN at the forefront of new and innovative ways to train and teach cybersecurity. Inexpensive, easy-to-use and tailored to your schedule, the CYRIN labs are your entry to the world of cybersecurity.

To learn more about our content visit the CYRIN catalog page.

CYRIN – Where Training and Education Comes to You.

Image: Arkadiusz Warguła

You Might Also Read:

Salt Typhoon - The Chinese Telecom Hack:

If you like this website and use the comprehensive7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Immutable Backup: Have The Last Word Against Ransomware
Ransomware Readiness: Transforming Threat Into Organizational Resilience »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Sophos

Sophos

Sophos is a worldwide leader in next-generation cybersecurity, protecting more than 400,000 organizations of all sizes in more than 150 countries from today’s most advanced cyberthreats.

BruCERT

BruCERT

BruCERT is the referral agency for dealing with computer-related and internet-related security incidents in Brunei Darussalam.

AllClear ID

AllClear ID

AllClear ID provides products and services that help protect people and their personal information from threats related to identity theft.

Post-Quantum

Post-Quantum

Post-Quantum offer a unique, patented quantum-resistant encryption algorithm that can be applied to existing products and networks.

i-Sprint Innovations

i-Sprint Innovations

i-Sprint is a leader in Securing Identity and Transactions in the Cyber World for industries that are security sensitive.

Hack The Box

Hack The Box

Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with thousands of people in the security field.

NETRIO

NETRIO

If you are looking for a highly mature, exceptionally competent Managed Service Provider, NETRIO has solutions to keep your business running at warp speed with zero disruptions.

StackHawk

StackHawk

StackHawk is built to help dev teams ship secure code. Find and fix bugs early before they become vulnerabilities in production.

StrataCore

StrataCore

StrataCore is a single-source technology lifecycle advocate that works behind IT teams as a strategic partner to help them achieve peak enterprise outcomes.

SecureStream Technologies

SecureStream Technologies

SecureStream Technologies have built the IoT SafetyNet - the Network Security Analytics platform to Eliminate Security Threats, Guarantee Privacy, Ensure Compliance, Simply & Easily.

Cynomi

Cynomi

Cynomi is a leading strategic cybersecurity operations platform that automates cybersecurity knowledge and expertise to empower teams with little to no in-house expertise.

Kennedys

Kennedys

Kennedys is a global law firm with expertise in litigation/dispute resolution and advisory services, particularly in the insurance/reinsurance and liability sectors, including cyber risk.

Brunswick Group

Brunswick Group

Brunswick is a critical issues firm. We advise the world’s leading companies on how to navigate the critical issues they face and engage with their critical stakeholders.

Focus Group

Focus Group

Focus Group are one of the UK’s leading independent providers of essential business technology. Here to take care of all your telecoms, IT and connectivity services.

Conifers

Conifers

Empower your existing SecOps team with the strength of AI - achieve SOC excellence with Conifers CognitiveSOC.

Cyber Solutions Inc

Cyber Solutions Inc

Cyber Solutions has been providing professional IT Support for businesses since 1998.