Listen to this Post
Here is the list of Free and Best Cost Cybersecurity Trainings for OT Security Professionals.
🥇 Trainings by Cybersecurity and Infrastructure Security Agency
- Operational Security (OPSEC) for Control Systems (100W) – 1 hour
- Differences in Deployments of ICS (210W-1) – 1.5 hours
- Influence of Common IT Components on ICS (210W-2) – 1.5 hours
- Common ICS Components (210W-3) – 1.5 hours
- Cybersecurity within IT & ICS Domains (210W-4) – 1.5 hours
- Cybersecurity Risk (210W-5) – 1.5 hours
- Current Trends (Threat) (210W-6) – 1.5 hours
- Current Trends (Vulnerabilities) (210W-7) – 1.5 hours
- Determining the Impacts of a Cybersecurity Incident (210W-8) – 1.5 hours
- Attack Methodologies in IT & ICS (210W-9) – 1.5 hours
- Mapping IT Defense-in-Depth Security Solutions to ICS – Part 1 (210W-10) – 1.5 hours
- Mapping IT Defense-in-Depth Security Solutions to ICS – Part 2 (210W-11) – 1.5 hours
- Industrial Control Systems Cybersecurity Landscape for Managers (FRE2115) – 1 hour
🥇 Other Trainings
- to Cybersecurity by Cisco Academy
- Cybersecurity Essentials by Cisco Academy
- Networking Essentials by Cisco Academy
- Intro to Information Security by Udacity
- Network Security by Udacity
- NSE 1,2 & 3 by Fortinet
- Information Security by OpenLearn
- Network Security by OpenLearn
- Risk Management by Open Learn
- Certified in Cybersecurity℠ – CC by ICS2
- CCNA Security Courses by various platforms
- Network Defense Essentials (NDE) by EC Council
- Digital Forensics Essentials (DFE) by EC Council
- Dark Web, Anonymity, and Cryptocurrency by EC Council
- Digital Forensics by Open Learn
- Vulnerability Management
- RedTeaming
- Getting Started in ICS/OT Cyber Security – 25+ Hours by Mike Holcomb
- Practical Industrial Control System Penetration Testing By Marcel Rick-Cen
- ICS Security Trainings on Udemy by Sourabh Suman
- OT Security Huddle Sessions with Manjunath Hiregange and Shiv Kataria
You Should Know:
Here are some practical commands and codes related to OT Security and ICS cybersecurity:
1. Nmap Command for ICS Network Scanning:
nmap -sT -p 1-1024 --script=modbus-discover.nse <target_IP>
This command scans for Modbus devices on a network.
2. Wireshark Filter for ICS Protocols:
Use the following filter in Wireshark to capture Modbus traffic:
“`bash.port == 502“`
3. Linux Command to Monitor Network Traffic:
tcpdump -i eth0 -n -s 0 -w capture.pcap
This captures all network traffic on the `eth0` interface and saves it to a file.
4. Windows Command to Check Open Ports:
Test-NetConnection -ComputerName <target_IP> -Port <port_number>
This checks if a specific port is open on a target system.
5. Python Script to Detect PLC Vulnerabilities:
import socket
target = "192.168.1.1"
port = 502
try:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((target, port))
print(f"Port {port} is open on {target}")
except:
print(f"Port {port} is closed on {target}")
This script checks if a Modbus port is open on a target PLC.
6. Linux Command to Check for ICS Vulnerabilities:
sudo apt-get install ics-scanner ics-scanner -t <target_IP>
This tool scans for vulnerabilities in ICS devices.
7. Windows PowerShell Command to Disable Unnecessary Services:
Stop-Service -Name <service_name> -Force
This stops unnecessary services that could be exploited.
What Undercode Say:
OT Security is a critical field that requires a deep understanding of both IT and industrial systems. The above commands and tools are essential for securing ICS environments. Always ensure that your systems are updated, and unnecessary ports and services are disabled. Regularly monitor network traffic and conduct vulnerability assessments to stay ahead of potential threats. For more advanced training, consider the courses listed above to enhance your skills and knowledge in OT Security.
Additional Resources:
References:
Reported By: Shivkataria Icssecurity – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅
