Week 4

Week 4: [Exploit] Web Server / Owasp Top 10

Lecture

Building on our knowledge of the Stuxnet attack we’ll look at how the cross-pollination of technology between critical infrastructure domains also allows for the reuse of cyber security threat vectors.

In 2011 a water treatment in Illinois was attacked 1. The attack was traced back to Russia.

Analyzing the 5 Ws
  • Why: Foreign entities sending a message.
  • Who: Russia.
  • What: Pump failure.
  • When: One year after the Stuxnet attack.
  • Where: Illinois. The message being sent is this -> Stuxnet taught the world that cyber weapons can cause kinetic effect and America is vulnerable to it’s own tradecraft being used against it.
  • How: In this attack the how is different. Though we can see that in a broad sense it’s the only part of the kill chain that is.

Goals

  • Review all concepts and tools covered.
  • Cover OWASP Top 10.
  • Practice with a new scenario.

Lab

Hour 1

Intentionally Vulnerable Web Apps Owasp Top 10

Hour 2
Vocabulary Review
  • Cyber Killchain
  • Open Source Intelligence Tools
  • Social Engineering
  • Phishing
  • Fingerprinting
  • Scanning and Enummeration
  • Exploits
  • Footholds
  • Weaponization
  • Payload Delivery
Bonus Scenario

We are a state sponsored actor. We plan on testing water treatment facility security in the US after noticing the effectiveness of a cyber security attack against Dominion Power in Richmond, Virginia. Our goal is to conduct our research on a real target and make it look as if it was conducted by the same hacktivst group which attacked Dominion Power.