This is the second in a three-part series on building and using a testing bench for Industrial Control Systems (ICS).
In this series, Rapi7 researchers will build a physical test bench, review program logic to find flaws, perform manual exploitation of commonly used ICS protocols such as Modbus, then develop malware to automatically exploit the bench to cause flooding.
Read more…
Source: Rapid7
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Threat landscape for industrial automation systems in Q3 2025
December 25, 2025
In Q3 2025, the percentage of ICS computers on which malicious objects were blocked decreased from the previous quarter by 0.4 pp to 20.1%. This is the lowest level for the observed period. Regionally, the percentage of ICS computers on which malicious objects were blocked ranged from 9.2% in Northern Europe to 27.4% in Africa. The most ...
- Principles for the Secure Integration of Artificial Intelligence in Operational Technology
December 3, 2025
Since the public release of ChatGPT in November 2022, artificial intelligence (AI) has been integrated into many facets of human society. For critical infrastructure owners and operators, AI can potentially be used to increase efficiency and productivity, enhance decision-making, save costs, and improve customer experience. Despite the many benefits, integrating AI into operational technology (OT) environments ...
- Industrial computing systems at risk from “time bombs ” in malicious NuGet packages
November 10, 2025
Thousands of critical infrastructure organizations, as well as those working in other, equally important verticals, were targeted by a perfidious attack that sought to sabotage their industrial control devices (ICD) two years down the line, experts have discovered. Cybersecurity researchers Socket recently found nine packages on NuGet that contained sabotage payloads set to activate in 2027 ...
- Canadian government claims hacktivists are attacking water and energy facilities
October 31, 2025
The Canadian government has issued a new security alert warning of so-called hacktivists targeting Industrial Control Systems (ICS). The report says the Cyber Centre and the Royal Canadian Mounted Police has received “multiple reports” of incidents involving internet-accessible ICS. Among the reports were an attack on a water facility, in which the miscreants tampered with water ...
- Creating and maintaininga definitive view of your Operational Technology Architecture
September 29, 2025
OT systems are a prime target due to their criticality and the potential impact if these systems are disrupted. As the number and capability of threat actor targeting OT increases, so too does the need for robust cyber security controls. However, the complexity, scale, and long-standing nature of OT systems often means organisations can lack a ...
- Threat landscape for industrial automation systems in Q2 2025
September 19, 2025
In Q2 2025, the percentage of ICS computers on which malicious objects were blocked decreased by 1.4 pp from the previous quarter to 20.5%. Compared to Q2 2024, the rate decreased by 3.0 pp. Regionally, the percentage of ICS computers on which malicious objects were blocked ranged from 11.2% in Northern Europe to 27.8% in Africa. ...