404 Not Found

general

400 Citations

general

OT cybersecurity resources

Sources: Mike Holcomb LinkedIn post

Want hands-on experience in OT cybersecurity?

Start with these FREE projects – no power plant required!

Getting started in OT/ICS cybersecurity doesn’t have to be hard.

And it doesn’t have to be expensive.

So start with these projects and build from there!

1. Setup Your Own “Attack & Defend” OT/ICS Lab with Labshock

Labshock is a new virtual OT environment that helps you get started!

Use it to explore defensive capabilities like detection and SEIM.

As well as having an OT environment to attack!

https://lnkd.in/eG-Y-Z2z

2. Hack Into a Power Plant with GRFICSv2

GRFICS takes a fun twist with virtual OT networks.

Giving you a CCTV feed to watch over the environment.

And then allowing you to see what changes happen due to your “testing.”

Is that smoke I see coming out of the power plant???

https://lnkd.in/eam3eQDx

3. Setup an OT/ICS Honeypot

Honeypots are systems that are designed to be hacked.

Set one of these virtual honeypots up for target practice.

Take your time to interact with different OT protocols like Modbus.

github.com/mushorg/conpot
Probably the most popular OT/ICS honeypot to get started with

https://lnkd.in/emiiasR3
Another OT/ICS honeypot from T-Mobile (yes, THAT T-Mobile)

4. Analyze Real World OT/ICS Cyber Incidents

While this might not be as exciting as some of the others…

Learning from real world incidents can help you learn.

-> Understand how attackers break into OT environments
-> Learn what attackers do once they are inside OT networks
-> Figure out how to prevent the same attacks from occuring again

OT/ICS cybersecurity companies such as Dragos and Mandiant release some incredible research on the latest incidents.

Need help getting started?

Lookup Stuxnet, TriSIS, Colonial and Fuxnet.

And don’t stop!

5. Find OT/ICS Assets Exposed to the Internet and Contact the Owners

Want to learn more about finding OT/ICS assets on the Internet?

Check out my YouTube video here:

https://lnkd.in/e7e2VkbA

Once you find these assets without obtrusive means, see if you can determine who the asset owner is.

If you’re really feeling brave, reach out and contact them.

Honestly, most of the time your work will fall on deaf ears.

But every once in a while it has a significant impact!

Just don’t share sensitive information with others.

6. Write Your Own Modbus Scanner with Python and/or ChatGPT

Writing defensive and offensive tools can be a great way to learn!

Not a developer like me? Use ChatGPT or other GenAI tools.

Interested in using ChatGPT to create security tools?

Watch “Hacking ICS/OT (& IT) with ChatGPT”

https://lnkd.in/eVduTgcC

Don’t forget – the best way to learn is to share!

As you work through your projects…

-> Document your steps
-> Take screenshots
-> Post and share
-> Have fun!
-> 🙂

P.S. What would you start with first?

🔔 Follow Mike Holcomb for more OT/ICS cybersecurity
♻️ Useful? Share to help others!

general