PART III

PUTTING IT ALL TOGETHER: RISK MITIGATION

CASE STUDY, PART 5: How Will It End?

Proph knew that there was a pretty good chance that the process network wouldn’t have an intrusion detection system and most likely little to no other monitoring, aside from what processes and systems the HMI monitored. He didn’t have to be as concerned about being detected as he did on the corporate network, but he still had to be careful. Most of the digital process equipment, such as PLCs and RTUs, could react poorly to even simple and light techniques such as port scanning. The last thing he wanted to do was get the operators and engineers on edge by “knocking over” equipment. Causing these devices to reset, go into fault, or “bricking” them could ...

Get Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets & Solutions now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.