The US Department of Homeland security is warning about vulnerabilities in a common SCADA package that is used to monitor and manage solar energy-generating power plants remotely. This type of attack allows unauthenticated remote attackers to gain administrative access and execute arbitrary commands. As the OT expert, your manager asks you to find the vulnerability and mitigation.
Security researchers have uncovered a new malware, named "Havex", which was used in several previous cyberattacks against organizations in the energy sector. IT researchers, suspecting a backdoor implementation that acts as a remote access Trojan. The local power station hired you to locate the RAT and mitigate it.
Security researchers have discovered a piece of malware that uses code from the Stuxnet malware and that target industrial control systems. Siemens factory in north Berlin suffered critical damage during the attack. The attack managed to replace a DLL file with a malicious copy, potentially allowing the malware to target their control system configuration.
A Chinese hacker linked to the Chinese army was caught breaking into a United States water control system, Honeypot. The honeypots mimicked the ICS/SCADA devices used in many critical infrastructure power and water plants.
Syringe infusion pump used in acute care settings could be remotely accessed and manipulated by hackers to impact the intended operation of the device. Your team leader asks you to test the infusion pumps and to run a vulnerability test on their systems.