ICS summary 2021
Today is the last day of 2021, and it’s been a wonderful year participating in the ICS world and community. For that reason, I would like to summarize all the articles I wrote in 2021, extract the lessons and plan future directions. I have grouped my articles into 4 categories based on what I wrote. I plan to update those categories with more content and also add new categories as I continue to write on new topics. I wish everyone success, health and happiness.
ICS technical skills
- ICS IR skills “ICS Cyber Incident Response”:https://zerontek.com/zt/2021/12/05/ics-cyber-incident-response/
- ICS monitoring skills “Tips & Tricks 1: What to monitor in ICS ?”:https://zerontek.com/zt/2021/02/03/tips-tricks-1-what-to-monitor-in-ics/
- ICS asset identification skills “Tips & Tricks 2: Asset Identification”:https://zerontek.com/zt/2021/02/20/tips-tricks-2-asset-identification/
- ICS zones skills “Tips & Tricks 3 How to assess the security of your ICS architecture ?”:https://zerontek.com/zt/2021/02/28/tips-tricks-3-how-to-assess-the-security-of-your-ics-architecture/
- ICS with Wireshark skills “Wireshark: BACnet security analysis”:https://zerontek.com/zt/2021/05/25/wireshark-bacnet-security-analysis/
ICS tools:
- “Metasploit Modules for ICS”:https://zerontek.com/zt/2021/03/10/metasploit-modules-for-ics/
- “Wireshark filters for ICS protocols”:https://zerontek.com/zt/2021/04/12/wireshark-filters-for-ics-protocols/
- “ICS files in Exploit Database”:https://zerontek.com/zt/2021/03/28/ics-files-in-exploit-database/
Future ideas and research (POC):
- A framework [ICSRank] I developed to reduce ICS risks “Reduce your OT risk”:https://zerontek.com/zt/2021/10/14/reduce-your-ot-risk/
- Some brainstorming ideas to fix the ICS patching issues “ICS patching without rebooting”:https://zerontek.com/zt/2021/11/18/ics-patching-without-rebooting/
ICS attacks, incidents and statistics:
- A report that analyzes the status of ICS exploits in the market “ICS/OT Exploits”:https://zerontek.com/zt/2021/08/10/ics-ot-exploits/
- An analysis of the recent Iranian attack “Iranian Gas Cyberattack”:https://zerontek.com/zt/2021/10/31/iranian-gas-cyberattack/
- An article that analyzes the behavior of ICS asset owners based on Shodan “How ICS owners think”:https://zerontek.com/zt/2021/01/07/how-ics-owners-think/
- Lessons learned from the 2020–2021 attacks on water systems “Hacking Water Exposed”:https://zerontek.com/zt/2021/07/14/hacking-water-exposed/
- A taxonomy developed by myself on how to attack safety PLC systems for gas plants “Gas (LPG) Attack Taxonomy”:https://zerontek.com/zt/2021/07/29/gas-lpg-attack-taxonomy/