• Classroom
  • Online, Instructor-Led
Course Description

The Advanced Cybersecuring Building Control Systems Workshop is geared towards building and information assurance professionals who have experience in IT or control systems cybersecurity but need to learn how to apply those skills to building control systems.

This course provides a more technical, in-depth training solution geared towards developing security professionals with the ability to approach security with an attacker mentality. This includes understanding and practicing techniques for footprinting; scanning and enumeration; exploitation; post exploitation; containment and eradication; and reporting. Students will use Kali Linux and other exploit tools to gain entrance into the control system, pivot through the network, establish beacon command and control channels, modify logs to mask presence and exfiltrate data.

Students will then contain and eradicate the exploit and prepare artifacts, event logs and develop an incident report. The nation's buildings are increasingly relying on building control systems with embedded communications technology and many enabled via the Internet. These systems provide critical services that allow a building to meet the functional and operational needs of building occupants, but they can also be easy targets for hackers and people with malicious intent. Attackers can exploit these systems to gain unauthorized access to facilities; be used as an entry point to the traditional informational technology (IT) systems and data; cause physical destruction of building equipment; and expose an organization to significant financial obligations to contain and eradicate malware or recover from a cyber-event.

As Federal facilities include thousands of office buildings, laboratories, and warehouses, many are part of the nation's critical infrastructure. These facilities contain building and access control systems such as heating, ventilation, and air conditioning; electronic card readers; and closed-circuit camera systems that are increasingly being automated and connected to other information systems or networks and the Internet. As these systems are becoming more connected, so is their vulnerability to potential cyber-attacks.

Learning Objectives

  • Learn advanced Building Control System (BCS) Design;
  • Learn BCS communication protocols;
  • Attack and exploit BCS using Metasploit and SamuariSTFU;
  • Complete the 6 steps of the Risk Management Framework;
  • Use the DHS ICS-CERT CSET tool to create advanced BCS network architecture diagrams and System Security Plan;
  • Use Microsoft SysInternals, EMET and other diagnostic and forensic tools to find evil.

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):