Scarlet OT - Adversary Emulation for Operational Technology

Explore an innovative approach to OT adversary emulation in this 45-minute conference talk from Ekoparty 2023. Delve into the development of Scarlet OT, an open-source tool designed as a plugin for MITRE's Caldera framework. Learn how this solution addresses the challenges of ICS security testing by enabling users to combine IT attacks with OT adversaries, modify attack steps, and send manual commands. Discover insights gained from analyzing factory traffic and 19 MITRE-defined ICS malwares, including the evolution of ICS malware trends and a four-stage attacking flow. Gain an understanding of Scarlet OT's capabilities, supporting 10 common protocols and over 23 techniques on the MITRE ICS matrix, allowing reproduction of more than 80% of defined ICS malware actions. Witness a live demonstration and learn about the tool's successful testing on real industrial devices across various sectors. Speaker Vic Huang, known for his expertise in Web/Mobile/Blockchain Security and penetration testing, shares valuable insights from his research presented at numerous security conferences.

Scarlet OT – OT adversary emulation for fun and profit - Vic Huang - Ekoparty 2023