Chapter 11: Threat Hunt Scenario 1 – Malware Beaconing

It is now time to get our hands dirty with some actual threat hunting exercises. This chapter is the first of three targeted threat hunting exercises. The hypotheses for these threat hunt exercises are aimed at uncovering as much malicious activity as we can when faced with adopting or integrating a new ICS network or the addition/expansion of an existing ICS network. The idea is that by performing these three exercises beforehand on an unknown ICS network, we can be reasonably certain we find any unwelcome guests before we open the doors.

A cautionary warning upfront for this chapter: we will be covering a large variety of tools and in an effort to keep the page count down, I often only ...

Get Industrial Cybersecurity - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Industrial Cybersecurity - Second Edition by Pascal Ackerman

Chapter 11: Threat Hunt Scenario 1 – Malware Beaconing

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly