Scarlet OT: Adversary Emulation for Industrial Control Systems - HITB 2023

Explore the world of Industrial Control System (ICS) security through this 43-minute conference talk from the Hack In The Box Security Conference. Dive into the development of Scarlet OT, an open-source adversary emulation tool designed as a plugin for MITRE's Caldera. Learn how this innovative tool allows users to combine IT attacks with OT adversaries, offering a cost-effective solution for enterprises seeking to identify vulnerabilities in their ICS environments. Gain insights from the analysis of traffic from over 20 factories and 19 MITRE-defined ICS malwares, including PIPEDREAM/Incontroller. Discover the evolving trends in ICS malware, from single protocol targeting to modularized, multi-protocol support, and understand the four-stage attack flow common in these threats. Explore Scarlet OT's capabilities, supporting 10 common protocols and over 23 techniques on the MITRE ICS matrix, and its ability to reproduce over 80% of defined ICS malware actions. Witness a live demo and learn about the tool's applications in real-life industrial settings, including oil, gas, water, and electric power devices.

#HITB2023HKT D2T1 - Scarlet OT: OT Adversary Emulation For Fun And Profit - Sol Yang & Vic Huang