I don’t work with Industrial Control Systems, but I am greatly fascinated and interested in the technology and how it is absolutely critical for our society. And through my work with the Danish Home Guard, I have had the opportunity to not only interact with some systems but also defend them in a “live fire” exercise, Locked Shields 2025.
Now I am the type who learns best about a topic when I can tinker and play, and not only read about it. Since there is no way I can convince my employer to send me to SANS’ ‘ICS515: ICS Visibility, Detection, and Response‘ course, or find anyone that will let me loose in their production environment, I have decided to build my own mini lab. Not to search for 0-days or anything like that, but to really learn about the configuration, maintenance and security of OT systems – and in the process, share everything!
I have read Kim Zetter’s “Countdown to Zero Day” a couple of times, and I have watched Alex Gibney’s “Zero Days” even more times – the story is immensely fascinating, and I can’t recommend both enough. The documentary contains a short sequence, talking about how the malware researchers wanted to make a visual demo of what Stuxnet could do – to make it more relatable.
And THAT is what I want to do! That demo is perfect – a balloon popping is an awesome visual storytelling aid, to show people exactly how important ICS/OT security is. My idea though is to make a portable demo I can use as a showcase, and possibly in a teaching scenario.
Every piece of code and everything else I am able to share I’ll put up on github so others can replicate what I am doing.
This kind of hardware isn’t exactly cheap, and even buying it used can be rather expensive. Fortunately, I have been so lucky that a sponsor has graciously donated some very cool equipment to my project, and everything else I’ve been able to find on AliExpress – much more on all of that in Part II …
Leave a Reply