OT/ICS SECURITY – Red Alert

2019

4 – 6 Dec, 2019	Singapore	Open for registration Click here
22 – 24 Oct, 2019	Singapore	Registration Full
11 – 13 Sep, 2019	Singapore	CSA X NSHC training
28 – 30 Aug, 2019	Seoul, Korea	NSHC initiative
4 – 5 Feb, 2019	Japan	IPA: Information-technology Promotion Agency

2018

12 – 14 Dec, 2018	Seoul, Korea	NSHC initiative
25 – 26 Nov, 2018	Dubai, UAE	Conference: Hack in the Box Dubai
12 – 15 Nov, 2018	Seoul, Korea	Private: Korean Government Institution
5 – 7 Sep, 2018	Seoul, Korea	NSHC initiative
29 – 31 Aug, 2018	Singapore	NSHC initiative
24 – 26 Jul, 2018	Indonesia	Collaboration: with PT. INM
21 – 23 May, 2018	Singapore	Conference: Infosec in the City
9 – 11 May, 2018	Seoul, Korea	NSHC initiative

2017

12 – 14 Dec, 2017	Seoul, Korea	NSHC initiative
27 – 30 Nov, 2017	Kuala Lumpur, Malaysia	Collaboration: with Condition Zebra
7 – 8 Nov, 2017	Tokyo, Japan	Conference: CodeBlue2017
20 – 22 Sep, 2017	Seoul, Korea	KOEN
13 – 15 Sep, 2017	Tokyo, Japan	Collaboration: with NHN
21 – 23 Aug, 2017	Singapore	Conference: HITB GSEC Singapore
20 – 21 Jun, 2017	Chonburi, Thailand	Amata B Grimm Power Plant II
15 – 16 Jun, 2017	Chonburi, Thailand	Amata B Grimm Power Plant I
7- 9 Jun, 2017	Seoul, Korea	NSHC initiative
22 – 25 May, 2017	Kuala Lumpur, Malaysia	Collaboration: Condition Zebra
16 – 18 May, 2017	Abu Dhabi, UAE	NSHC initiative
10 – 12 Apr, 2017	Amsterdam, Netherlands	Conference: HITB GSEC Amsterdam
5 – 7 Apr, 2017	Macau	Private: CEM
8 – 10 Feb, 2017	Seoul, Korea	NSHC initiative
17 – 20 Jan, 2017	Hong Kong	Private: Hong Kong Police Office

2016

30 Nov – 2 Dec, 2016	Singapore	Private Client
29 – 30 Nov, 2016	Taipei, Taiwan	Conference: HITCON
18 – 19 Oct, 2016	Tokyo, Japan	Conference: CodeBlue2016
30 – 31 Aug, 2016	Bangkok, Thailand	Private Client
11 – 12 Jul, 2016	Seoul, Korea	Conference: SECUINSIDE
10 – 13 Feb, 2016	Seoul, Korea	NSHC initiative
11 – 15 Feb, 2016	Singapore	Private Client

Offensive ICS/OT Cybersecurity Training

ICS/SCADA system controls most of the critical infrastructures today. The system may seem safe due to its OT nature or the latest patching technology, but it is still penetrable. One should truly understand how to penetrate, in order to find out effective ways to defend.

Students will learn the components and architecture,latest threat information, and how to pen-test ICS/SCADA system. Actual field devices and ICS/SCADA simulation will be utilized to teach zero-day vulnerabilities found on ICS/SCADA related product and how to find zero day vulnerabilities.

Why Advanced ICS/SCADA Security Training?

Learn how hackers discover vulnerabilities in ICS/SCADA

Identify and analyze existing zero-day vulnerabilities found on ICS

Understand wide range of ICS fundamentals and case studies

Gain offensive techniques in compromising ICS facilities

Weigh the benefit and cost of patching the facilities

Secure the IT & OT area

Unique Strengths

Hands-On Kit

Trainees are offered with hands-on kit where they can use to hack the system and understand offensive point of view

Localized Training

Our training is customized to fit into
the local context for better understanding

Impact Visualization

Utilizing our very own simulation test-bed
with PLC and HMI used in real world scenario

Red Alert’s Analysis Report

Training also provides detailed report made by NSHC’s professional researchers

Who should take this training?

OT Facility Managers or staffs with basic network and system knowledge

IT Team or Cybersecurity Teams

OT Engineer who work with industrial network or SCADA software

System/Network Admin for ICS/OT facility

Security Researchers with interest in ICS/OT

Standard Curriculum

Topics	Learning Outcome
1. ICS/SCADA Introduction & Case Study	– Recap on the basics learnt regarding ICS/SCADA with few additional case studies in mind
2. ICS Attack Surfaces & Scanning	– Reveal Internet Connected System Whether It is Intended or Not – How the Web Hacking Applied to ICS/SCADA System
3. ICS System Vulnerabilities	– Figure out What Kind of Vulnerabilities are Exist in ICS/SCADA – How It Could be Used by the Hacker
4. Fuzzing the PLC Software	– How to Find Vulnerability of ICS/SCADA Software – Possible to Find the Vulnerability First then Patch Before the Hacker Uses – Best practice for Engineers to self-examine and test fuzzing themselves on their own software.
5. ICS Network Protocol Vulnerabilities	– Understand How Many Vulnerabilities are Existed on Protocol and How It Works – How to Validate the Vulnerabilities on the Protocol to Harden the ICS/SCADA Network Monitoring on Specific Traffic Used by Protocol Vulnerabilities
6. Malware Injection to Control System	– Figure out that We Can Not Rely on Anti-Virus Engine and Security Solution – There is No Effective Defense Mechanism. Only White List Based Will be the Protection – Understand How the Actual Attack is an Elaborate Work
7. Bypass Airgap using Bad DNS	– Learn the Importance of Why DNS Server Should be Removed from Internal Network
8. ICS/SCADA Network Analysis for Incident Response	– Understand How the Hacker Approach to ICS/SCADA System – Figure out Any Suspicious Activity on Network Traffic – Through the network packet analysis on this session, they will figure out what kind of attack pattern will be deployed. Trainee could apply the protection to their network based on these pattern
9. Bypass Airgap using Radio Frequency	– How Easily Does Radio Frequency Conducted – Get Everything in Readiness Against Radio Frequency Attack
10. Bypass Airgap using Bad USB	– Figure out that We Can Not Rely on Anti-Virus Engine and USB Security Solution – How Creative Attack the Hacker Uses – Need to Block the USB Port Physically

REGISTER FOR UPCOMING TRAINING

[caldera_form id="CF5d8c82c53e17c"]