Are you an Industrial Control Systems SCADA vulnerability expert?
Power control systems are not completely “air gap” isolated from internet access.
System control vendor administration accounts have been successfully accessed via exploiting unsecure system maintenance service accounts that system vendors have negligently left open via non-encrypted FTP, rlogin, telnet protocols, for instance.
Go to SANS, Dark Reading, Krebs on Security, Blackhat, and FBI Infragard to read up on the topic.
Many legacy power plant ICS SCADA control systems and old (20-30 yrs+) non/weak-encrypted wireless peripheral control units such as remote valves, sensors, pumps, electrical switches, still remain vulnerable to hacking from power station parking lots.
Upgrading old legacy components used in power plants can be technically difficult, expensive and disruptive to system availability.
Educational opportunity 4 u: https://www.infosec-city.com/sg18-ctf-ics-scada

ICS/SCADA Capture-the-Flag (CTF)
Sponsored By:

Registration
The ICS/SCADA CTF competition is open to all conference ticketholders to play, enjoy and compete. Participants simply have to register at the NSHC booth located in the Exhibition Foyer.

Gameplay
There are altogether 6 scenarios, each with its own set of challenges and scores. The scenarios and challenges are based on real ICS/SCADA simulation using real ICS/SCADA components. There are more than 50 challenges, providing an enjoyable and unforgettable experience for both Beginners and Experts.

Scenarios
Scenario 1: Malware/Forensics - An Operator's Workstation, Windows System, Email Attachment
Scenario 2: IoT/Web Vulnerability/Forensics - Wireless LAN (WLAN), No Access Control
Scenario 3: Bypass Airgap/Network/Cryptosystem - Windows System, Default Installation, No Internet Access
Scenario 4: Bypass Airgap/HMI - Windows System, PLC Developer's Workstation, USB Block, Only Mouse & Keyboard
Scenario 5: ICS Vulnerability in PLC - PLC Software/Firmware, 0-day
Scenario 6: ICS Infrastructure/Real-World Simulation - Railway, Smart Grid

Challenge Categories
Each challenge may span across various challenge categories.
Category 1: Bypass Airgap - Industrial WiFi Hacking, Industrial Bluetooth, Radio Frequency (RF) Hacking, USB-based Microcontroller, Default Network-based Attack
Category 2: ICS Protocol - IEC 60870-5-101 or 104, IEC 61850, DNP3, Modbus, Incident Response for Security Operations Centre (SOC)
Category 3: PLC & HMI - Well-known vulnerabilities, Password Cracking, 0-day Vulnerabilities (Discovered by NSHC Red Alert Team), Control PLC, HMI
Category 4: Forensics - Networking, Industrial Network Capture, Documents
Category 5: Misc. - Shodan & IoT Manipulation, Zoomeye Search for SCADA Equipment, OSINT for Critical Infrastructure
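The two risks the post raises, cleartext maintenance protocols (FTP, telnet, rlogin) reaching control-system hosts and traffic crossing a supposedly air-gapped boundary, are both visible in perimeter flow logs. The following is an added example, not code from the original post or from any of the organisations it names. It assumes a simple constructed log format (timestamp, source IP, destination IP, destination port, protocol, firewall action) and uses constructed placeholder ranges for the OT enclave and the corporate network; the sample log lines are likewise constructed.

```python
"""Flag cleartext maintenance protocols and boundary crossings in ICS flow logs.

Added example (not from the original post). Log format, network ranges and the
sample log lines below are all constructed assumptions for illustration.
"""
import ipaddress
from typing import Dict, List

# Cleartext remote-maintenance services called out in the post (FTP, telnet, rlogin).
CLEARTEXT_MAINT_PORTS: Dict[int, str] = {21: "ftp", 23: "telnet", 513: "rlogin"}

# Constructed placeholders: the control-system (OT) enclave and the corporate (IT) range.
OT_NETWORK = ipaddress.ip_network("10.20.0.0/16")    # assumption
CORP_NETWORK = ipaddress.ip_network("10.10.0.0/16")  # assumption

# Constructed sample log: "<timestamp> <src_ip> <dst_ip> <dst_port> <proto> <action>".
SAMPLE_LOG = """\
2024-03-01T02:14:07Z 10.10.5.23 10.20.1.10 21 tcp allow
2024-03-01T02:14:09Z 10.20.1.10 10.20.1.11 502 tcp allow
2024-03-01T02:15:30Z 203.0.113.45 10.20.1.10 23 tcp allow
2024-03-01T02:16:02Z 10.20.1.12 10.20.1.10 513 tcp deny
2024-03-01T02:17:45Z 10.10.5.23 10.20.1.15 443 tcp allow
"""


def parse_line(line: str) -> dict:
    """Split one whitespace-separated flow record into typed fields."""
    ts, src, dst, dport, proto, action = line.split()
    return {
        "ts": ts,
        "src": ipaddress.ip_address(src),
        "dst": ipaddress.ip_address(dst),
        "dport": int(dport),
        "proto": proto,
        "action": action,
    }


def classify(rec: dict) -> List[str]:
    """Return the findings for one flow record (empty list means nothing notable)."""
    findings: List[str] = []
    dst_in_ot = rec["dst"] in OT_NETWORK
    src_in_ot = rec["src"] in OT_NETWORK

    # 1. Any cleartext maintenance service aimed at an OT host is reported,
    #    including denied attempts, since the firewall action is part of the finding.
    if dst_in_ot and rec["dport"] in CLEARTEXT_MAINT_PORTS:
        name = CLEARTEXT_MAINT_PORTS[rec["dport"]]
        findings.append(f"cleartext-maintenance:{name}:{rec['action']}")

    # 2. Traffic entering the OT enclave from anywhere else contradicts the
    #    "air gap" assumption; distinguish corporate from fully external sources.
    if dst_in_ot and not src_in_ot:
        if rec["src"] in CORP_NETWORK:
            findings.append("boundary-crossing:corp-to-ot")
        else:
            findings.append("boundary-crossing:external-to-ot")
    return findings


def scan(log_text: str) -> List[dict]:
    """Run classify() over every non-empty log line and keep records with findings."""
    results = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        findings = classify(rec)
        if findings:
            results.append({
                "ts": rec["ts"],
                "src": str(rec["src"]),
                "dst": str(rec["dst"]),
                "dport": rec["dport"],
                "findings": findings,
            })
    return results


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit["ts"], hit["src"], "->", hit["dst"], hit["dport"], ", ".join(hit["findings"]))
```

Modbus traffic between two OT hosts (port 502 in the second line) produces no finding, which keeps the output focused on the two conditions the post describes; in a real deployment the OT and corporate ranges would come from the site's network inventory rather than from constants.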