Clint Bodungen - Hacking Exposed: Industrial Control Systems: ICS and SCADA Security Secrets and Solutions

Copyright 2017 by McGraw-Hill Education. All rights reserved. Except as permitted under the United States Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher.

ISBN: 978-1-25-958972-0
MHID: 1-25-958972-2

The material in this eBook also appears in the print version of this title: ISBN: 978-1-25-958971-3, MHID: 1-25-958971-4.

eBook conversion by codeMantra
Version 1.0

All trademarks are trademarks of their respective owners. Rather than put a trademark symbol after every occurrence of a trademarked name, we use names in an editorial fashion only, and to the benefit of the trademark owner, with no intention of infringement of the trademark. Where such designations appear in this book, they have been printed with initial caps.

McGraw-Hill Education eBooks are available at special quantity discounts to use as premiums and sales promotions or for use in corporate training programs. To contact a representative, please visit the Contact Us page at www.mhprofessional.com.

Information has been obtained by McGraw-Hill Education from sources believed to be reliable. However, because of the possibility of human or mechanical error by our sources, McGraw-Hill Education, or others, McGraw-Hill Education does not guarantee the accuracy, adequacy, or completeness of any information and is not responsible for any errors or omissions or the results obtained from the use of such information.

TERMS OF USE

This is a copyrighted work and McGraw-Hill Education and its licensors reserve all rights in and to the work. Use of this work is subject to these terms. Except as permitted under the Copyright Act of 1976 and the right to store and retrieve one copy of the work, you may not decompile, disassemble, reverse engineer, reproduce, modify, create derivative works based upon, transmit, distribute, disseminate, sell, publish or sublicense the work or any part of it without McGraw-Hill Educations prior consent. You may use the work for your own noncommercial and personal use; any other use of the work is strictly prohibited. Your right to use the work may be terminated if you fail to comply with these terms.

THE WORK IS PROVIDED AS IS. McGRAW-HILL EDUCATION AND ITS LICENSORS MAKE NO GUARANTEES OR WARRANTIES AS TO THE ACCURACY, ADEQUACY OR COMPLETENESS OF OR RESULTS TO BE OBTAINED FROM USING THE WORK, INCLUDING ANY INFORMATION THAT CAN BE ACCESSED THROUGH THE WORK VIA HYPERLINK OR OTHERWISE, AND EXPRESSLY DISCLAIM ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. McGraw-Hill Education and its licensors do not warrant or guarantee that the functions contained in the work will meet your requirements or that its operation will be uninterrupted or error free. Neither McGraw-Hill Education nor its licensors shall be liable to you or anyone else for any inaccuracy, error or omission, regardless of cause, in the work or for any damages resulting therefrom. McGraw-Hill Education has no responsibility for the content of any information accessed through the work. Under no circumstances shall McGraw-Hill Education and/or its licensors be liable for any indirect, incidental, special, punitive, consequential or similar damages that result from the use of or inability to use the work, even if any of them has been advised of the possibility of such damages. This limitation of liability shall apply to any claim or cause whatsoever whether such claim or cause arises in contract, tort or otherwise.

For my twin sons, Caleb and Connor.
You can accomplish anything. Just believe.

Clint Bodungen

I would like to dedicate this and all works to the Glory of God and to my three kids. Two daughters who taught me what love is and how to be cute in a hard world, and a son who has shown me that a huge heart and brave dedication can overcome long odds in life.

Bryan Singer

For my wife, without whose encouragement I would not have found the energy or willpower to complete my parts of this book.

Aaron Shbeeb

To my wife and three wonderful childrenfor without their support, this would not be possible.

Stephen Hilt

Clint Bodungen is a Senior Critical Infrastructure Security Researcher with Kaspersky Lab. He has more than 20 years of experience in the cyber security industry, specializing in risk assessment, penetration testing, and vulnerability research. More than half of his 20 years in the industry has been focused exclusively on industrial control systems. He has been programming and hacking computers since the age of 11 and has been developing applications and tools for Unix/Linux since the mid-1990s. He began his professional career serving in the United States Air Force as his units Computer Systems Security Officer (CSSO) and OPSEC Manager, and holds a degree in Industrial Design Technology. He found his passion for threat research and systems testing while working for Symantec and testing their IDS applications. He was introduced to ICS in 2003 when he was hired by an industrial automation consulting firm to help a major oil & gas company secure their SCADA system. Since then, Clint has led ICS risk assessment and penetration testing projects for many of the countrys top energy organizations, and he continues his efforts in vulnerability research in collaboration with ICS vendors. He has developed and taught dozens of ICS security training courses and is a frequent presenter at ICS cybersecurity conferences.

Bryan Singer is a principal investigator with Kenexis Security Corporation, specializing primarily in industrial control systems and SCADA security and is an industry-recognized industrial security expert. He began his professional career with the U.S. Army as a paratrooper and intelligence analyst. Since then, Bryan has designed, developed, and implemented large-scale industrial networks, cybersecurity architectures, and conducted penetration tests and cybersecurity assessments worldwide across various critical infrastructure fields, including power, oil & gas, food & beverage, nuclear, automotive, chemical, and pharmaceutical operations. In 2002, he became the founding chairman of the ISA-99/62443 standard, which he led until 2012. His areas of technical expertise are in software development, reverse engineering, forensics, network design, penetration testing, and conducting cybersecurity vulnerability assessments. Bryan lives in Montevallo, Alabama, and is a frequent author, speaker, and contributor to the ICS security field.

Aaron Shbeeb became interested in programming and computer security in his early teenage years. He graduated from The Ohio State University with a bachelors of science degree in computer science engineering. He has worked for over a decade in programming and/or security jobs and has focused strongly on secure programming practices. Since 2008, he has worked as a penetration tester and security researcher focusing on ICS/SCADA systems, both professionally and personally.

Stephen Hilt has been in information security and ICS security for over 10 years. With a bachelors degree from Southern Illinois University, he started working for a large power utility in the United States. There, Stephen gained an extensive background in security network engineering, incident response, forensics, assessments, and penetration testing. He then began focusing on ICS assessments and NERC CIP assessments. With that experience, Stephen then moved on to working as an ICS security consultant and researcher for one of the foremost ICS security consulting groups in the world, Digital Bond. In 2014 and 2015, Stephen was acknowledged for having one of the top coolest hacks by Dark Reading. He has also published numerous ICS-specific Nmap scripts to identify ICS protocols via native commands. Stephen, as a Trend Micro Sr. Threat Researcher, continues ICS research and diving into other areas of advanced research.