As discussed earlier in the course, an industrial control system (ICS) is any system that enables users to control industrial and critical infrastructure assets over a network. Critical infrastructure refers to resources that, if damaged or destroyed, would cause significant negative impact on the economy, the public health and safety, or the security of a society. For example, water suppliers, electricity generators, health services, and transportation services are all considered critical infrastructure.

Many ICSs were deployed years before security standards for them existed, and as a result they are considerably outdated. As more ICSs are connected to an organization's TCP/IP network, the opportunity for exploitation grows. One open source tool for ICS exploitation is ICSSPLOIT. ICSSPLOIT, written in Python, has a syntax similar to Metasploit's and includes various modules that take advantage of an ICS's programmable logic controllers (PLCs), the components that directly control industrial equipment. Example ICSSPLOIT modules include:

  • Controlling start/stop functionality for specific vendor controllers.
  • Executing remote commands on controllers running specific real-time operating systems.
  • Crashing TCP services running on controllers.
  • Triggering a DoS through remote procedure call (RPC) services.
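The modules above all begin with a TCP connection to a controller that was never designed to be reachable from the corporate network, which is why the defensive counterpart is visibility into who talks to the PLCs and how often. The following is an added example, not part of the course text and not ICSSPLOIT code, of a small detector that reads connection-log lines for a plant segment and flags two things: connections to controller service ports from hosts that are not approved engineering workstations, and bursts of connections to one controller port that resemble an attempt to flood or crash a TCP or RPC service. The log format, IP addresses, port numbers, and thresholds are all constructed for illustration and would be replaced by the site's own asset inventory.

```python
"""Constructed ICS connection-log detector (added example, not course or ICSSPLOIT code)."""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed policy values: a real deployment loads these from the asset inventory.
PLC_HOSTS = {"10.20.1.10", "10.20.1.11"}          # constructed controller addresses
PLC_SERVICE_PORTS = {502, 102, 44818}            # assumed controller service ports
ENGINEERING_WORKSTATIONS = {"10.20.5.5"}         # the only approved sources
BURST_THRESHOLD = 20                             # connections ...
BURST_WINDOW = timedelta(seconds=10)             # ... within this sliding window


def parse_line(line):
    """Parse one constructed log line: '<ISO ts> <src> -> <dst>:<port> <action>'."""
    ts, src, _, dst, action = line.split()
    dst_ip, dst_port = dst.rsplit(":", 1)
    return {"ts": datetime.fromisoformat(ts), "src": src,
            "dst": dst_ip, "port": int(dst_port), "action": action}


def analyze(lines):
    """Return a list of alert dicts for traffic that violates the PLC access policy."""
    alerts = []
    seen_unapproved = set()                      # (src, dst, port) already reported
    burst_reported = set()                       # (dst, port) already reported
    windows = defaultdict(deque)                 # (dst, port) -> recent timestamps

    for raw in lines:
        ev = parse_line(raw)
        # Only traffic aimed at a controller service port is of interest here.
        if ev["dst"] not in PLC_HOSTS or ev["port"] not in PLC_SERVICE_PORTS:
            continue

        # Rule 1: any source outside the engineering allowlist is reported once.
        key = (ev["src"], ev["dst"], ev["port"])
        if ev["src"] not in ENGINEERING_WORKSTATIONS and key not in seen_unapproved:
            seen_unapproved.add(key)
            alerts.append({"kind": "unapproved_source", "src": ev["src"],
                           "dst": ev["dst"], "port": ev["port"], "ts": ev["ts"]})

        # Rule 2: too many connections to one controller port inside the window.
        target = (ev["dst"], ev["port"])
        window = windows[target]
        window.append(ev["ts"])
        while window and ev["ts"] - window[0] > BURST_WINDOW:
            window.popleft()                     # expire timestamps outside the window
        if len(window) >= BURST_THRESHOLD and target not in burst_reported:
            burst_reported.add(target)
            alerts.append({"kind": "connection_burst", "src": ev["src"],
                           "dst": ev["dst"], "port": ev["port"], "ts": ev["ts"],
                           "count": len(window)})
    return alerts


def sample_log():
    """Constructed log: two approved sessions, one corporate host probing, then a burst."""
    base = datetime(2024, 1, 15, 8, 0, 0)
    lines = [
        f"{base.isoformat()} 10.20.5.5 -> 10.20.1.10:502 allow",
        f"{(base + timedelta(seconds=30)).isoformat()} 10.20.5.5 -> 10.20.1.11:102 allow",
        f"{(base + timedelta(seconds=60)).isoformat()} 10.30.7.42 -> 10.20.1.10:502 allow",
        f"{(base + timedelta(seconds=61)).isoformat()} 10.30.7.42 -> 10.30.7.1:443 allow",
    ]
    # 25 connections in 5 seconds to one controller port from the corporate host.
    for i in range(25):
        ts = base + timedelta(seconds=120, milliseconds=200 * i)
        lines.append(f"{ts.isoformat()} 10.30.7.42 -> 10.20.1.11:102 allow")
    return lines


if __name__ == "__main__":
    for alert in analyze(sample_log()):
        print(alert)
```

Running the block on the constructed log yields three alerts: the corporate host reaching the first controller's service port, the same host reaching the second controller, and a connection burst against the second controller once the twentieth connection lands inside the ten-second window. Deduplicating per source/target pair keeps the burst from producing dozens of identical allowlist alerts, so an operator sees one access-policy finding and one flood finding per controller port.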