Mission Kill: Process Targeting in ICS Attacks
Joe Slowik, Principal Adversary Hunter, Dragos
ICS attack flow: preparatory actions, then deny / degrade / destroy

Preparatory actions:
• Breach the victim IT network
• Identify points of contact with the ICS
• Enumerate and categorize the control system environment

Deny, degrade, destroy:
• Deliver effects on objective
Process targeting (the "mission kill") is focused targeting of a specific stage or aspect of an industrial process. The focus may be technical (specific equipment or software) or operational (a specific stage of the process). It is NOT indiscriminate wiping, ransomware, worms, or similar untargeted disruption.
Case studies: 2016 Ukraine, 2017 Saudi Arabia, 2019 Saudi Arabia
2016 Ukraine (CRASHOVERRIDE) attack sequence:
1. Penetrate the ICS and place malware on computers communicating with field devices
2. Schedule malware execution to open breakers at the target transmission site
3. Perform a limited wipe and system-disabling event on the infected machines
4. Target protective relays with a DoS exploit post-attack*
Attackers used a "wiper" to delay recovery in 2015, but UA operators quickly moved to manual restoration.
Assume the attackers took note: wiper functionality in 2016 would not delay (near-term) service recovery.
The 2016 "wiper" was therefore intended for other purposes: eliminate the logical view and control of the SCADA environment.
Protection relay background (slide image sources):
• https://new.siemens.com/global/en/products/energy/energy-automation-and-smart-grid/protection-relays-and-control.html
• https://www.littelfuse.com/products/protection-relays-and-controls/protection-relays/protection-relay-pages/what-is-a-protection-relay.aspx
2016 objective chain:
1. Induce a widespread outage and a loss-of-view condition
2. Remove line protection from transmission operations
3. Anticipate the operator rush to recovery
4. Stage physically destructive consequences when the unprotected lines are restored
2017 Saudi Arabia (TRISIS) intrusion sequence:
• Gain access to and harvest credentials from the IT network (Mimikatz, 'SecHack')
• Leverage multiple open-source or commercial tools for post-exploitation (WMImplant, administrative tools)
• Use remote access to the OT network via stolen credentials
• Continue pivoting through the network via credential capture
• Gain sufficient access to the SIS to deploy TRISIS

Safety instrumented system background (slide image sources):
• https://realpars.com/wp-content/uploads/2018/08/What-Is-a-Safety-Instrumented-System.png
• https://www.livingreliability.com/en/wp-content/uploads/2014/07/EmersonSisCourse1_DepictionOfLayersOfProtection.jpg
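The intrusion path above (credential harvesting on IT, then remote access and pivoting into OT on stolen credentials) leaves a pattern in authentication records that can be checked long before the adversary reaches the SIS. The following is an added example, not code from the original deck or from Dragos: it runs two checks over constructed network-logon events in the style of Windows event 4624, flagging any logon that crosses from an assumed IT address range into an assumed OT range unless it is the approved account landing on the sanctioned jump host, and flagging any account that performs network logons to several distinct OT hosts within a short window. The zone ranges, the jump-host address, the account names and every event are assumptions.

```python
"""Spot IT-to-OT credential reuse and OT fan-out in authentication events.

Added example over constructed data; the zone ranges, jump host, account
names and every event below are assumptions, not observations from the deck.
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta
import ipaddress

IT_ZONE = ipaddress.ip_network("10.10.0.0/16")   # assumed corporate IT range
OT_ZONE = ipaddress.ip_network("10.50.0.0/16")   # assumed control-system range
JUMP_HOST = ipaddress.ip_address("10.50.1.5")    # assumed sanctioned IT->OT jump host
APPROVED_OT_ACCESS = {"svc-ot-jump"}             # assumed: only account allowed to cross zones


@dataclass(frozen=True)
class Logon:
    ts: datetime
    account: str
    src: ipaddress.IPv4Address
    dst: ipaddress.IPv4Address
    logon_type: int  # Windows 4624 convention: 3 = network (SMB/WMI/DCOM), 10 = RDP


def parse(line: str) -> Logon:
    """Parse 'ISO-timestamp account src_ip dst_ip logon_type' (constructed format)."""
    ts, account, src, dst, logon_type = line.split()
    return Logon(datetime.fromisoformat(ts), account,
                 ipaddress.ip_address(src), ipaddress.ip_address(dst), int(logon_type))


# Constructed events: a sanctioned jump-host session, then an engineering
# account reaching an OT host directly from IT and fanning out via WMI-style
# network logons, plus one ordinary OT-internal logon as a control.
EVENTS = [
    "2017-06-01T02:10:00 svc-ot-jump 10.10.4.22 10.50.1.5 10",
    "2017-06-01T02:14:07 eng.smith 10.10.4.22 10.50.2.31 3",
    "2017-06-01T02:20:11 eng.smith 10.50.2.31 10.50.2.32 3",
    "2017-06-01T02:25:40 eng.smith 10.50.2.31 10.50.2.33 3",
    "2017-06-01T02:31:02 eng.smith 10.50.2.31 10.50.2.40 3",
    "2017-06-01T02:33:15 ops.jones 10.50.3.10 10.50.3.11 3",
]


def detect(lines, window=timedelta(hours=1), host_threshold=3):
    """Return findings as tuples; the first element names the rule that fired."""
    logons = sorted((parse(l) for l in lines), key=lambda l: l.ts)
    findings = []

    # Rule 1: any IT->OT crossing that is not the approved account on the jump host.
    for l in logons:
        if l.src in IT_ZONE and l.dst in OT_ZONE:
            if l.account not in APPROVED_OT_ACCESS or l.dst != JUMP_HOST:
                findings.append(("it_to_ot_crossing", l.account, str(l.src), str(l.dst)))

    # Rule 2: one account performing network logons to many distinct OT hosts
    # inside the window, which is what credential-driven pivoting looks like.
    by_account = defaultdict(list)
    for l in logons:
        if l.dst in OT_ZONE and l.logon_type == 3:
            by_account[l.account].append(l)
    for account, seq in by_account.items():
        for i, first in enumerate(seq):
            hosts = {l.dst for l in seq[i:] if l.ts - first.ts <= window}
            if len(hosts) >= host_threshold:
                findings.append(("ot_fanout", account, len(hosts)))
                break
    return findings


if __name__ == "__main__":
    for finding in detect(EVENTS):
        print(finding)
```

Both rules need the IT and OT zones to be declared as address ranges, which is itself a useful exercise: if the ranges cannot be written down, the boundary the adversary is crossing is not really defined.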
TRISIS process attack sequence:
1. Compromise the SIS and the plant DCS
2. Modify SIS safety settings to support the desired impact
3. Modify or manipulate the DCS to create an unsafe plant state
4. The SIS modification allows the unsafe state to persist or accelerate

Objective chain:
• Modify the SIS to eliminate the safety layer
• Leverage the DCS compromise to produce a dangerous plant status
• Maximize potential damage and plant impact due to SIS failure
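The sequence above has a detectable shape when the safety controller's live trip settings and the DCS process history are compared against the engineered design, which is data a plant already holds. The following is an added example, not code from the original deck or from Dragos: it checks a live readback of SIS trip limits against an assumed engineered baseline, scans constructed DCS history for excursions past the engineered limit that did not produce a trip, and escalates a tag where both coincide, which is the signature of a raised trip limit letting an unsafe state persist. Tag names, limits, the history rows and the naming convention (.HH trips high, .LL trips low) are all assumptions.

```python
"""Check SIS trip settings and DCS history against the engineered design.

Added example over constructed data. The tags, limits, history rows and the
naming convention (.HH = high-high trip, .LL = low-low trip) are assumptions.
"""
from collections import defaultdict

# Assumed engineered trip limits from the safety requirements specification.
BASELINE_TRIPS = {"PT-101.HH": 150.0, "TT-205.HH": 420.0, "LT-310.LL": 12.0}

# Assumed live readback from the logic solver; PT-101.HH has been raised.
LIVE_TRIPS = {"PT-101.HH": 250.0, "TT-205.HH": 420.0, "LT-310.LL": 12.0}

# Constructed DCS history rows: (timestamp, trip tag, process value, SIS tripped?).
HISTORY = [
    ("2017-08-04T01:00", "PT-101.HH", 120.0, False),
    ("2017-08-04T01:05", "PT-101.HH", 145.0, False),
    ("2017-08-04T01:10", "PT-101.HH", 165.0, False),
    ("2017-08-04T01:15", "PT-101.HH", 190.0, False),
    ("2017-08-04T01:10", "TT-205.HH", 300.0, False),
    ("2017-08-04T01:10", "LT-310.LL", 20.0, False),
]


def beyond_limit(tag: str, value: float, limit: float) -> bool:
    """A .LL function trips when the value falls below the limit; otherwise above."""
    return value < limit if tag.endswith(".LL") else value > limit


def setpoint_drift(baseline, live, tolerance=0.0):
    """Tags whose live trip limit differs from the engineered value, as (engineered, live)."""
    drift = {}
    for tag, engineered in baseline.items():
        if tag not in live:
            drift[tag] = (engineered, None)          # function missing from the readback
        elif abs(live[tag] - engineered) > tolerance:
            drift[tag] = (engineered, live[tag])
    return drift


def unsuppressed_excursions(history, baseline):
    """Process values past the engineered limit with no trip recorded, per tag."""
    out = defaultdict(list)
    for _ts, tag, value, tripped in history:
        if tag in baseline and beyond_limit(tag, value, baseline[tag]) and not tripped:
            out[tag].append(value)
    return dict(out)


def assess(baseline=BASELINE_TRIPS, live=LIVE_TRIPS, history=HISTORY):
    """Combine both checks; a tag with drift AND an untripped excursion is critical."""
    drift = setpoint_drift(baseline, live)
    excursions = unsuppressed_excursions(history, baseline)
    findings = []
    for tag in sorted(set(drift) | set(excursions)):
        if tag in drift and tag in excursions:
            findings.append((tag, "critical",
                             f"trip limit changed {drift[tag][0]} -> {drift[tag][1]} and the "
                             f"process ran past the engineered limit untripped: {excursions[tag]}"))
        elif tag in drift:
            findings.append((tag, "high", f"trip limit changed {drift[tag][0]} -> {drift[tag][1]}"))
        else:
            findings.append((tag, "high",
                             f"excursion past the engineered limit with no trip: {excursions[tag]}"))
    return findings


if __name__ == "__main__":
    for finding in assess():
        print(finding)
```

The comparison is against the engineered value, not against whatever the SIS currently reports, because in the scenario above the SIS itself is the thing that has been changed; the baseline has to live somewhere the safety controller cannot rewrite.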
2019 Saudi Arabia: Abqaiq (the September 2019 physical attack on the facility, included here for its targeting logic rather than as a cyber event)
• World's largest oil processing and crude stabilization facility
• Primary processing hub for removing hydrogen sulfide ("sweetening")
• Abqaiq is vital to preparing Saudi oil for sale and distribution on world markets

Hydrodesulfurization background (slide image sources):
• https://www.phxequip.com/Multimedia/images/plant/original/hydrodesulfurization-hds-unit-165-tph-1675.jpg
• https://en.wikipedia.org/wiki/File:HDS_Flow.png

Targeting logic:
• Target hydrodesulfurization facilities and operations
• Significantly limit Saudi ability to export oil to market
• Maximize disruption by disabling a critical-path node
Takeaways:
• Adversaries are learning about ICS operations
• Increased knowledge yields understanding of functional dependencies
• Adversaries can engage in focused targeting of critical systems

Targeted attacks on process protection, process safety, and process dependency lead, respectively, to physical damage, loss of life, and increased downtime and process disruption.
ICS security has three components:
• Traditional IT-centric defense
• Process monitoring and analysis
• Resilience and recovery investment
Process monitoring and analysis:
• Process data is already captured for operations purposes
• Improve host and network visibility in control system networks
• Combine the datasets to formulate a full-scope, ICS-aware detection methodology
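One concrete form of combining those datasets: the 2016 sequence above issued breaker commands from a machine that legitimately talks to field devices, so allow-listing command sources is not enough on its own; the commands also have to be reconciled against operator actions and against the normal command cadence. The following is an added example, not code from the original deck or from Dragos: it takes constructed, already-decoded IEC 60870-5-104 control messages (type identifier 45 single command, 46 double command) and a constructed operator action journal from the SCADA application, and flags control commands from an unexpected master, commands from the expected master with no operator action on that point within a short window, and a burst of commands to many distinct points. The addresses, point numbers and all records are assumptions, and an upstream 104 decoder is assumed to have produced the fields.

```python
"""Reconcile observed IEC 104 control commands against the operator journal.

Added example over constructed records. Addresses, IOAs, timestamps and the
decoded fields are assumptions; a 104 decoder upstream is assumed.
"""
from collections import defaultdict, namedtuple
from datetime import datetime, timedelta

# IEC 60870-5-104 ASDU type identifiers that change breaker state.
CONTROL_TYPES = {45: "C_SC_NA_1 (single command)", 46: "C_DC_NA_1 (double command)"}
AUTHORIZED_MASTERS = {"10.50.1.10"}   # assumed SCADA front-end that normally sends controls

Cmd = namedtuple("Cmd", "ts src dst type_id ioa value")
Op = namedtuple("Op", "ts operator ioa")


def ts(s):
    return datetime.fromisoformat(s)


# Constructed decoded network records. Value follows the 104 convention:
# single command 0 = OFF, 1 = ON; double command 1 = OFF, 2 = ON.
NET = [
    Cmd(ts("2016-12-17T15:20:00"), "10.50.1.10", "10.60.0.21", 45, 1001, 0),  # operator-driven open
    Cmd(ts("2016-12-17T23:53:00"), "10.50.2.31", "10.60.0.21", 45, 1002, 0),  # from an engineering host
    Cmd(ts("2016-12-17T23:55:00"), "10.50.1.10", "10.60.0.21", 46, 2001, 1),
    Cmd(ts("2016-12-17T23:55:02"), "10.50.1.10", "10.60.0.21", 46, 2002, 1),
    Cmd(ts("2016-12-17T23:55:04"), "10.50.1.10", "10.60.0.21", 46, 2003, 1),
    Cmd(ts("2016-12-17T23:55:06"), "10.50.1.10", "10.60.0.21", 46, 2004, 1),
    Cmd(ts("2016-12-17T23:55:08"), "10.50.1.10", "10.60.0.21", 46, 2005, 1),
    Cmd(ts("2016-12-17T23:56:00"), "10.50.1.10", "10.60.0.21", 100, 0, 20),  # interrogation, not a control
]

# Constructed operator action journal from the SCADA application.
OPS = [Op(ts("2016-12-17T15:19:50"), "ops1", 1001)]


def detect(net, ops, match_window=timedelta(seconds=30),
           burst_window=timedelta(seconds=60), burst_threshold=5):
    """Return findings as tuples whose first element names the rule that fired."""
    findings = []
    ops_by_ioa = defaultdict(list)
    for op in ops:
        ops_by_ioa[op.ioa].append(op.ts)

    controls = sorted((c for c in net if c.type_id in CONTROL_TYPES), key=lambda c: c.ts)

    for c in controls:
        if c.src not in AUTHORIZED_MASTERS:
            findings.append(("unauthorized_source", c.src, c.dst, c.ioa))
        elif not any(abs(c.ts - t) <= match_window for t in ops_by_ioa[c.ioa]):
            # Right host, no human behind it: the 2016 pattern.
            findings.append(("no_operator_action", c.src, c.dst, c.ioa))

    # Burst: many distinct points commanded by one master to one outstation quickly.
    by_pair = defaultdict(list)
    for c in controls:
        by_pair[(c.src, c.dst)].append(c)
    for (src, dst), seq in by_pair.items():
        for i, first in enumerate(seq):
            ioas = {c.ioa for c in seq[i:] if c.ts - first.ts <= burst_window}
            if len(ioas) >= burst_threshold:
                findings.append(("command_burst", src, dst, len(ioas)))
                break
    return findings


def summarize(findings):
    """Count findings per rule name."""
    counts = defaultdict(int)
    for f in findings:
        counts[f[0]] += 1
    return dict(counts)


if __name__ == "__main__":
    for finding in detect(NET, OPS):
        print(finding)
```

The second rule is the one that matters for the 2016 case: the source address is the legitimate SCADA host, so only the absence of a matching operator action gives the command away. That requires the operator journal and the network capture to share a clock, which is a prerequisite worth verifying before relying on the match window.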
Resilience and recovery:
• Adapt or modify existing contingencies to incorporate cyber
• Identify critical-path process nodes to focus defense, recovery, and resilience
• Allocate resources to facilitate rapid restoration of critical resources in an incident
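The Abqaiq case and the recommendation to identify critical-path process nodes both reduce to one question: which unit, if lost, takes the most throughput with it? The following is an added example, not code from the original deck or from Dragos: it models a constructed and deliberately simplified process as a flow network with per-unit capacities (a feed, two parallel stabilizers, a single sweetening unit, an export point), computes achievable throughput with a standard maximum-flow calculation, then removes each unit in turn and ranks units by the throughput lost. The topology and capacities are assumptions and are not Abqaiq's real layout; the point is the method, which exposes the single sweetening unit as the node whose loss stops everything while either stabilizer only halves output.

```python
"""Rank process units by the throughput lost when each one is taken out.

Added example; the topology and capacities are assumed and simplified,
not the layout of any real facility.
"""
from collections import defaultdict, deque

# Unit capacities in arbitrary throughput units (assumed).
UNITS = {"feed": 10.0, "stab_A": 5.0, "stab_B": 5.0, "sweetening": 10.0, "export": 10.0}
# Directed material flow between units (assumed).
FLOWS = [("feed", "stab_A"), ("feed", "stab_B"),
         ("stab_A", "sweetening"), ("stab_B", "sweetening"),
         ("sweetening", "export")]
SOURCE, SINK = "feed", "export"


def build(units, flows, removed=()):
    """Node-split capacity graph: unit X becomes X_in -> X_out carrying X's capacity."""
    cap = defaultdict(lambda: defaultdict(float))
    for unit, capacity in units.items():
        if unit not in removed:
            cap[unit + "_in"][unit + "_out"] += capacity
    for a, b in flows:
        if a not in removed and b not in removed:
            cap[a + "_out"][b + "_in"] += float("inf")   # piping is not the bottleneck here
    return cap


def max_flow(cap, s, t):
    """Edmonds-Karp: repeatedly push flow along the shortest augmenting path."""
    res = defaultdict(lambda: defaultdict(float))
    for u in cap:
        for v, c in cap[u].items():
            res[u][v] += c
            res[v][u] += 0.0   # make sure the reverse edge exists
    total = 0.0
    while True:
        parent = {s: None}
        queue = deque([s])
        while queue and t not in parent:
            u = queue.popleft()
            for v, c in res[u].items():
                if c > 0 and v not in parent:
                    parent[v] = u
                    queue.append(v)
        if t not in parent:
            return total
        bottleneck, v = float("inf"), t
        while parent[v] is not None:
            bottleneck = min(bottleneck, res[parent[v]][v])
            v = parent[v]
        v = t
        while parent[v] is not None:
            u = parent[v]
            res[u][v] -= bottleneck
            res[v][u] += bottleneck
            v = u
        total += bottleneck


def throughput(removed=(), units=UNITS, flows=FLOWS):
    """Achievable source-to-sink throughput with the given units out of service."""
    return max_flow(build(units, flows, removed), SOURCE + "_in", SINK + "_out")


def rank_critical(units=UNITS, flows=FLOWS):
    """(unit, remaining throughput, fraction lost), worst first; source and sink excluded."""
    base = throughput((), units, flows)
    rows = []
    for unit in units:
        if unit in (SOURCE, SINK):
            continue
        left = throughput((unit,), units, flows)
        rows.append((unit, left, (base - left) / base if base else 0.0))
    return sorted(rows, key=lambda r: (-r[2], r[0]))


if __name__ == "__main__":
    print("baseline throughput:", throughput())
    for unit, left, lost in rank_critical():
        print(f"{unit:<12} remaining={left:>5} lost={lost:.0%}")
```

Extending the graph with utilities (power, steam, instrument air) as units that several process units depend on is the natural next step; in practice those shared dependencies are often where the single point of failure actually sits.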
References:
• Anatomy of an Attack: Detecting and Defeating CRASHOVERRIDE – Dragos (https://dragos.com/resource/anatomy-of-an-attack-detecting-and-defeating-crashoverride/)
• Stuxnet to CRASHOVERRIDE to TRISIS: Evaluating the History and Future of Integrity-Based Attacks on Industrial Environments – Joe Slowik, Dragos (https://dragos.com/wp-content/uploads/Past-and-Future-of-Integrity-Based-ICS-Attacks.pdf)
• CRASHOVERRIDE: Reassessing the 2016 Ukraine Electric Power Event as a Protection-Focused Attack – Joe Slowik, Dragos (https://dragos.com/wp-content/uploads/CRASHOVERRIDE.pdf)
• WIN32/Industroyer: A New Threat for Industrial Control Systems – ESET (https://www.welivesecurity.com/wp-content/uploads/2017/06/Win32_Industroyer.pdf)
• Attackers Deploy New ICS Attack Framework "TRITON" and Cause Operational Disruption to Critical Infrastructure – FireEye (https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html)