Module18 IoT and OT Hacking

Thursday, February 29, 2024 0 Comments

 Module 18: IoT Hacking & OT Hacking

Learn about packet-sniffing techniques and how to use them to discover

network vulnerabilities, as well as countermeasures to defend against sniffing

attacks. Hands-On Lab Exercises: Over 2 hands-on exercises with real-life

simulated targets to build skills on how to:

> Gather information using Online foot printing tools

> Capture and analyze IoT device traffic

Key topics covered:

> IoT Architecture

> IoT Communication Models

> OWASP Top 10 IoT Threats

> IoT Vulnerabilities

> IoT Hacking Methodology

> IoT Hacking Tools

> IoT Security Tools

> IT/OT Convergence (IIOT)

> ICS/SCADA

> OT Vulnerabilities

> OT Attacks

> OT Hacking Methodology

> OT Hacking Tools

> OT Security Tools

Section 01: IoT Hacking

Internet of things (IoT)

The Internet of things (IoT) describes physical objects (or groups of such objects) with sensors, processing ability, software, and other technologies that connect and exchange data with other devices and systems over the Internet or other communications networks.

Operational technology

Operational technology (OT) is hardware and software that detects or causes a change, through the direct monitoring and/or control of industrial equipment, assets, processes and events.

Heating, ventilation and air conditioning (HVAC)

Heating, ventilation, and air conditioning (HVAC) is the use of various technologies to control the temperature, humidity, and purity of the air in an enclosed space. Its goal is to provide thermal comfort and acceptable indoor air quality.

OWASP Internet of things

The OWASP Internet of Things Project is designed to help manufacturers, developers, and consumers better understand the security issues associated with the Internet of Things, and to enable users in any context to make better security decisions when building, deploying, or assessing IoT technologies.

BlueBorne

BlueBorne is a type of security vulnerability with Bluetooth implementations in Android, iOS, Linux and Windows. It affects many electronic devices such as laptops, smart cars, smartphones and wearable gadgets.

Retinal scanner

A retinal scan is a biometric technique that uses unique patterns on a person's retina blood vessels. It is not to be confused with other ocular-based technologies: iris recognition, commonly called an "iris scan", and eye vein verification that uses scleral veins.

Section 02: OT Hacking

Operational technology (OT)

Operational technology (OT) is hardware and software that detects or causes a change, through the direct monitoring and/or control of industrial equipment, assets, processes and events.

Industrial control system (ICS)

An industrial control system (ICS) is an electronic control system and associated instrumentation used for industrial process control. Control systems can range in size from a few modular panel-mounted controllers to large interconnected and interactive distributed control systems (DCSs) with many thousands of field connections.

Supervisory control and data acquisition (SCADA)

Supervisory control and data acquisition (SCADA) is a control system architecture comprising computers, networked data communications and graphical user interfaces for high-level supervision of machines and processes.

Remote terminal unit

A remote terminal unit(RTU) is a microprocessor-controlled electronic device that interfaces objects in the physical world to a distributed control system or SCADA (supervisory control and data acquisition) system by transmitting telemetry data to a master system, and by using messages from the master supervisory system to control connected objects. Other terms that may be used for RTU are remote telemetry unit and remote telecontrol unit.

Programmable logic controller

A programmable logic controller (PLC) or programmable controller is an industrial computer that has been ruggedized and adapted for the control of manufacturing processes, such as assembly lines, machines, robotic devices, or any activity that requires high reliability, ease of programming, and process fault diagnosis. Dick Morley is considered as the father of PLC as he had invented the first PLC, the Modicon 084, for General Motors in 1968.

Distributed control system

A distributed control system (DCS) is a computerised control system for a process or plant usually with many control loops, in which autonomous controllers are distributed throughout the system, but there is no central operator supervisory control. This is in contrast to systems that use centralized controllers; either discrete controllers located at a central control room or within a central computer.

MITRE ATT&CK for ICS

ATT&CK for ICS is a knowledge base useful for describing the actions an adversary may take while operating within an ICS network. The knowledge base can be used to better characterize and describe post-compromise adversary behavior. Please see the overview page for more information about ATT&CK for ICS.

Lateral movement

Network Lateral Movement, or simply Lateral Movement, refers to the techniques that cyber attackers, or threat actors, use to progressively move through a network as they search for the key data and assets that are ultimately the target of their attack campaigns.

Command and control

This term is also in common use within the computer security industry and in the context of cyberwarfare. Here the term refers to the influence an attacker has over a compromised computer system that they control.

Zero trust

The zero trust security model, also known as zero trust architecture (ZTA), zero trust network architecture or zero trust network access (ZTNA), and sometimes known as perimeterless security, describes an approach to the design and implementation of IT systems.