I’m discussing the IEC 62443 certification with an organization: that build and sell ICS plants which are risky from a safety perspective. They currently comply with the Machinery Directive (Directive 2006/42/EC of the European Parliament), but they are not considering the Cyber risk.
As you probably know, I’m working on learning simulated lab for years. In the last couple of years, I moved to OT/ICS Cybersecurity, and sometimes I need a realistic lab to show the consequence of a Cyberattack targeting OT/ICS devices.
A few days ago, together with Rocco Sicilia and FESTO Academy , I presented a webinar on OT/ICS Cybersecurity approach. We are often spending time increasing Cybersecurity awareness, and that webinar was focused to gives Cybersecurity fundamentals to OT managers.
This post explore my second TryHackMe room: Attacking ICS Plant #2 . Because the VM can be unresponsive, I also provide the OVA for offline labs. The room allows attacking a simulated refinery plant, gaining basic knowledge on ICS protocol weakness.
This post explore my first TryHackMe room: Attacking ICS Plant #1 . Because the VM can be unresponsive, I also provide the OVA for offline labs. The room allows exploration of a simulated bottle-filling plant, gaining basic knowledge on ICS protocol weakness.