This talks explores a real-world Red Teaming operation where the targeted organization, a company operating in the manufacturing sector, defined a very clear goal for the mission: steal a receipt adopted by a brand-new machinery installed in a company’s facility. Since the receipt was stored inside the PLC used by the machinery some SCADA hacking was required.
The talk will run through the preparation steps required to perform the physical intrusion and the process for the creation of an attack scenario to achieve the goal. The second part of the talk will focus on the attack against an Industrial Control System (ICS) devices that took place before the intrusion, and that enabled the hack of the stolen PLC to access the required asset.
