This document provides an overview and agenda for a presentation on SCADA hacking. It begins with definitions of SCADA and related terms, describes where SCADA systems are commonly used and why they are used for industrial control. It then addresses common misconceptions about SCADA security and realities, discusses some common industrial protocols, and outlines how the presenter will demonstrate pentesting SCADA systems and industrial malware. The document provides context and background information to set up the presentation.
Several attack techniques will be demonstrated, such as code injection, brute force, backdoors, rootkits, exploits, and various other ways of gaining and maintaining unauthorized access to servers; in turn, best practices for avoiding the attacks mentioned are discussed. (Talk given at the 3rd Festival de Software Livre in Belo Horizonte - FSLBH)
Privacy and Security: Paranoia, or are they really out there to get you? - TechSoup Brasil
This webinar discusses online privacy and security, providing tips for protecting personal information and keeping devices secure. The speakers present the STOP. THINK. CONNECT. campaign to raise cybersecurity awareness and explain how to implement two-factor authentication for accounts. They also provide recommendations for organizations to keep data and employees protected online.
The document summarizes a talk on computer forensics with free software tools. The speaker discusses the challenges of the field, the stages of a digital investigation, Linux distributions for forensics, open tools, and demonstrates memory and network traffic analysis.
The document discusses what hacking is and the different types of hackers, such as script kiddies, crackers and ethical hackers. It also covers common attack techniques, such as port scanning and buffer overflow, as well as social engineering. Finally, it highlights the importance of ethics in hacking and the stages of the ethical hacking process.
CYBER SECURITY: WHAT IS BRAZIL'S OPINION - William Beer
Cyber attacks and data leaks are a reality in the current global economic context, impacting companies, governments and consumers in their day-to-day activities.
Forbidden book of the complete hacker course 285 pages 71 - Guilherme Dias
The document describes the presentation of a book in eBook format. The book, published in 2003, was successful for covering break-ins to bank accounts and virtual machines. The author asks readers to identify errors for future corrections and invites suggestions for volume 2.
Slides for the presentation about SCADA hacking given at the Hackers 2 Hackers Conference, 10th edition, in São Paulo, Brazil
Demo videos:
- Wago 0day DOS: https://www.youtube.com/watch?v=ACMJmXy4hSg
- Modbus Replay: https://www.youtube.com/watch?v=1pfZDiUUQHQ
Presentation Video (pt_BR)
- https://www.youtube.com/watch?v=R1snsQ_WS9Y
The document presents a project on developing a three-factor authentication (3FA) smart lock system called iSecure. It discusses introducing RFID, PIN, and OTP for secure authentication. The system aims to provide secure access and fast authentication, and to log all attempts. Hardware components include a Raspberry Pi, touch screen, RFID reader, relay module, and electric lock. The system design includes a database to store user data and works through RFID detection, PIN verification, and OTP validation. Future work may include additional authentication methods and improvements to security, notifications, and customization.
The document discusses ethical hacking. It begins by defining hacking and different types of hackers, including white hat, black hat, and grey hat hackers. It then defines ethical hacking as hacking done with consent and for beneficial purposes, such as identifying security vulnerabilities. The document outlines the techniques used in ethical hacking, including information gathering, vulnerability scanning, exploitation, and analysis. It discusses the importance of ethical hacking for organizations and the code of conduct ethical hackers follow. Overall, the document provides an overview of ethical hacking, its purpose, and the methods used.
This document provides guidance on computer security log management. It discusses the need for log management to effectively generate, store, analyze and dispose of log data. It addresses challenges like large log volumes and inconsistent log formats. The document recommends establishing logging policies, prioritizing log management, designing log infrastructures, and establishing standard operational processes for configuring logs, analyzing data, responding to events and long-term storage. The intended audience is those responsible for computer security log management.
This document provides guidance for securing industrial control systems such as SCADA and DCS. It identifies threats and vulnerabilities to these systems and recommends security countermeasures. ICSs often control critical infrastructure systems and face risks due to increased network connectivity and standardized protocols. The document outlines developing a security program including assessing risks, deploying controls, and network segmentation best practices to isolate control systems from other networks.
ASFWS 2013 - Critical Infrastructures in the Age of Cyber Insecurity par Andr... - Cyber Security Alliance
Threats, risks, actors, trends, attack techniques, defense issues and possible future scenarios for Critical Infrastructures in the age of cyber insecurity.
Big Data Security Challenges: An Overview and Application of User Behavior An... - IRJET Journal
This document discusses big data security challenges and the application of user behavior analytics (UBA) to address those challenges. It first provides background on big data, defining its key characteristics and applications. It then outlines security risks to big data like privacy risks and risks to the data itself. Common big data security challenges are also summarized such as issues around data distribution, privacy, integrity and access control. The document then introduces UBA as a novel security analytics method, explaining how it uses machine learning to analyze user behaviors and detect anomalies that may indicate security threats like credential compromise or insider threats. Key advantages of UBA over other security tools are that it can more efficiently detect malicious user behavior and privileged account abuse.
Johannes Klick, Daniel Marzin. Find Them, Bind Them - Industrial Control Syst... - Positive Hack Days
This document discusses finding and assessing industrial control systems on the internet. It introduces SCADA systems and describes exploring exploits and vulnerabilities. Methods covered for finding devices include using the SHODAN search engine and a custom SCADACSS search tool that scans for protocols like HTTP, S7Com and Modbus. Assessments of found devices are mapped on the Industrial Risk Assessment Map. The document claims many ICS devices are accessible despite manufacturer statements.
The Business Of Information Security In India - Testbytes - Testbytes
Information/cyber security is in high demand at this juncture. Owing to the current attacks Indian companies have had to face, they are planning to invest billions of dollars in the security industry. But the question is: will the industry be able to keep up with the huge demand?
This SlideShare was devised as a result of research conducted by Softbreaks, an IT recruitment service which offers a complete solution for recruiters, employers, and employees.
Sponsors for the research are Redbytes (App Development Company) and Trackschoolbus (software and hardware providers for complete tracking solution).
This project presents a door locking system which suggests two ways for unlocking a door using Internet of Things (IoT) and Fingerprint. Most of the major door lock security systems have several loopholes which could be broken down to gain access to the desired places, and it creates a concern for a secure lifestyle and proper working environment. People can access Internet services by using their cell phone, laptop and various gadgets. Fingerprint is a reliable biometric feature having a wide range of applications that require authentication. Biometric systems such as fingerprint provide tools to enforce reliable logs of system transactions and protect an individual’s right to privacy. In the proposed system, fingerprints of the authorized users are enrolled and verified to provide access to a facility that is used by multiple users. A user can also be removed and a new user can be enrolled in the system. We have implemented a centralized control system from where we can control who can enter in which rooms and who cannot. The system is based on an Arduino Mega device. Fingerprints are stored dynamically in a database for computing the different statistics.
New challenges to secure the IoT (with notes) - Caston Thomas
The document discusses several key concepts regarding IoT security:
1. IoT security is not the same as BYOD security, as IoT encompasses a wider range of connected devices beyond just personal devices, including devices built into emerging technologies like smart home systems.
2. Many IoT devices have inherent security weaknesses like a lack of encryption, weak authentication, and inability to receive software updates. These weaknesses are similar to issues previously seen with wired devices and software.
3. Securing IoT requires a multi-pronged approach including education on risks, network segmentation, supplier certification of new devices, and using technologies to scan for and assess IoT security regularly. The complexity of interconnected IoT systems poses
The document discusses cyber security and the use of encryption to prevent information leakage. It provides contact information for IGN Mantra, Chairman of ACAD-CSIRT/CERT Indonesia Academic Computer Security Incident Response Team. It then lists various statistics related to hacking incidents and internet usage. It outlines different types of cyber attacks like web defacement, brute force attacks, DDoS attacks, and malware attacks. It concludes that the drivers of cybercrime and cyberwar include the availability of vulnerabilities, hacking tools, books, the pursuit of popularity and money, lack of understanding of the impacts of misusing information technology, and industrial and government espionage.
This document discusses the use of artificial intelligence techniques for preventing cyber attacks and detecting security threats. It begins by introducing AI and its potential applications in cybersecurity, such as detecting abnormalities in network traffic. It then discusses specific AI methods like machine learning that can be used for tasks like threat detection, securing IoT networks, and building resilient models. The document provides examples of how techniques like neural networks, support vector machines, and explainable AI can help automate cybersecurity monitoring and response. In summary, the document outlines the growing role of AI in cybersecurity defense and how various AI approaches are being applied to combat cyber attacks.
Detecting advanced and evasive threats on the network - Dell World
Threat actors are increasingly employing evasive tactics that bypass traditional security controls, including more advanced technologies such as sandboxing. In this session, Dell SecureWorks will share examples of tactics used, their impact, what this means for organizations and new capabilities for addressing the risk posed by these threats.
This document discusses how the Internet of Things (IoT) can provide "perfect information" by connecting everything to the internet and collecting data from sensors. It explains that IoT involves digitizing the physical world, uncovering unused "dark data", connecting more devices with sensors, and using the data collected to create useful insights. The document outlines how businesses can find relevant data sources, collect data from endless sensors and communication methods, transform that data into actionable information using analytics platforms, and present the information through dashboards, heads-up displays, and smart advisors to empower decision making. The goal is to leverage IoT to know anything, anytime, anywhere and make fully informed choices.
Effective Data Erasure and Anti Forensics Techniques - ijtsrd
Deleting sensitive data after usage is just as important as storing of data in a safe location. In the verge of cyber attacks such as data theft happening, it is best to delete or purge or destroy unwanted sensitive data after its use as soon as possible. Data stored offline, for example in hard disks are just as prone to get stolen as the data stored online. For destroying the data to ensure cybercriminals should not get hold of this, techniques such as Data Wiping and Anti Forensics are used. A study is done on how these techniques can be used to the advantage of our system and against the cyber criminals. Anand V | Dr. MN Nachappa "Effective Data Erasure and Anti-Forensics Techniques" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-1 , December 2020, URL: https://www.ijtsrd.com/papers/ijtsrd38043.pdf Paper URL : https://www.ijtsrd.com/computer-science/computer-security/38043/effective-data-erasure-and-antiforensics-techniques/anand-v
Every business leader knows it’s important to stay aware of new technology. But how do you separate ephemeral trends and “shiny objects” from innovations that can meaningfully improve what you offer? At GoKart Labs’ 2017 Client Summit, Solution Lead Eric (EJ) Johnson shared his perspective on how to keep up with emerging tech without wasting energy or missing opportunities.
Industrial IoT based on SAP Technology - Glen Koskela
This document discusses industrial IoT and how it can optimize operations through technologies like predictive maintenance, asset tracking, and manufacturing analytics. It provides examples of how Fujitsu uses SAP technologies to enable IIoT applications across industries. These include condition-based maintenance using sensors to monitor equipment health, mobile work management apps for technicians, and remote expert support using augmented reality. The goal is to improve efficiency, reduce costs from errors and downtime, and transform processes by integrating IT and operational systems.
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A... - TI Safe
The document discusses cyber attacks in industrial environments, describing techniques such as social engineering, reverse shell, keylogger, fork bomb, phishing and ransomware. It also explains how the MITRE ATT&CK framework documents common tactics, techniques and procedures used in advanced attacks.
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ... - TI Safe
The document discusses the challenges of sanitation in smart cities. It explains that cities can only become truly smart when sanitation utilities also become smart and share data securely. Finally, it highlights major challenges such as connectivity, cybersecurity, systems integration and end-to-end solutions for smart infrastructure.
Similar to [CLASS 2014] Palestra Técnica - Jan Seidl
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor... - TI Safe
The document discusses the importance of an industrial cybersecurity laboratory for critical infrastructure. It highlights examples of laboratories in Israel and Portugal and requirements for a laboratory in the Brazilian electricity sector. The document also describes the services and challenges of a laboratory such as the Energy Cybersecurity Lab, a partnership between LACTEC and TI Safe for research, development and training in cybersecurity for electric power automation networks.
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S... - TI Safe
The document discusses the certification of TI Safe's ICS-SOC under the IEC 62443-2-4 standard. It presents the requirements of the standard, the certification process and the challenges of maintaining compliance in the future, such as remediating deviations, reviewing documentation and raising the maturity of processes.
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan... - TI Safe
This document discusses cybersecurity in electrical networks. It provides an overview of the evolving cyber threat landscape, and outlines a holistic approach to cybersecurity involving technology, processes, and people. The document discusses key cybersecurity standards like ISO/IEC 27001, IEC 62443, and IEC 62351. It also outlines Siemens' cybersecurity offerings, including secure products, certified solutions, and support services.
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...TI Safe
O documento descreve a jornada de 10 anos de cibersegurança da Ternium, começando com os desafios iniciais de proteger processos industriais críticos e sistemas de informação. Foi realizada uma análise de riscos com base em normas internacionais e implantada uma defesa em camadas com segmentação de rede, firewalls e monitoramento. O projeto evoluiu para um modelo multinacional com centralização e proteção dedicada para linhas críticas. Próximos passos incluem a adição de soluções de OT e aperfei
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...TI Safe
This document discusses best practices for operational technology (OT) security in a hyperconnected world. It outlines the current cybersecurity challenges faced by industries due to expanding attack surfaces and evolving threats. It recommends establishing pillars like segmentation, zero trust, and access control policies based on users to protect OT environments. The document also describes implementing a next-generation firewall, multi-factor authentication, endpoint security, event correlation and response workflows to enhance industrial cybersecurity.
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...TI Safe
1) Thales provides data encryption and security solutions for critical infrastructure sectors like utilities and energy. It has the number 1 market share for payment hardware security modules, general purpose HSMs, and cloud HSMs.
2) Cyber attacks on critical infrastructure are increasing, with ransomware attacks hitting 649 entities in 2021. Operational technology systems are also vulnerable, suffering 83% of breaches.
3) Thales provides end-to-end encryption solutions for critical infrastructure clients to securely transmit sensitive data. Case studies outline deployments for a global energy company and major UK energy operator to encrypt data across hybrid IT and protect critical communications.
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...TI Safe
O documento discute a importância de uma plataforma avançada de detecção e resposta a incidentes em ambientes OT/IOT. Apresenta dados sobre os setores mais atacados em 2021, com a manufatura em primeiro lugar. Também analisa as principais ameaças, vetores de ataque e regiões impactadas para os setores de manufatura, energia e transporte.
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...TI Safe
O documento discute a convergência entre Operational Technology (OT) e Information Technology (IT) e como proteger sistemas cibernéticos conectados à internet. Ele aborda a evolução dos sistemas de controle industrial, padrões como a ISA/IEC 62443 para segurança cibernética e desafios como ataques crescentes a sistemas industriais de controle.
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...TI Safe
Este documento discute a segurança cibernética no ambiente industrial da Gerdau, uma das principais produtoras de aço das Américas. O documento descreve a estrutura do projeto de segurança de redes industriais da Gerdau, incluindo as etapas de levantamento de campo, suprimentos, operação assistida, projeto e planejamento, e preparação e implantação. O projeto teve resultados positivos como nenhuma indisponibilidade causada e forte engajamento entre as equipes.
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...TI Safe
Critical infrastructure is increasingly being targeted by ransomware attacks and hacking, which have evolved from purely financially motivated crimes to acts of terrorism in some cases. A holistic approach is needed to address cybersecurity across both information technology and operational technology systems. Recent high-profile ransomware attacks have caused widespread disruptions by targeting critical infrastructure providers like the Colonial Pipeline and meat processor JBS. These attacks highlight the growing dangers posed by ransomware to critical industries and underscore the importance of proper cybersecurity policies, monitoring, and backups.
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...TI Safe
O documento discute a aplicação dos conceitos de cibersegurança e defesa em profundidade em subestações digitais na era da IEC 61850. Ele descreve um projeto de P&D de uma subestação digital que aplicou esses conceitos por meio de segmentação de redes, proteção de pontos finais, firewalls diversificados, autenticação, criptografia e hardening do sistema de acordo com padrões como a IEC 62351 e IEC 62443. O projeto gerou conhecimento para melhorar aplicações futuras de subestações digitais en
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...TI Safe
O documento discute a análise de riscos de cibersegurança, planejamento e implantação de contramedidas para conformidade com as novas regras do ONS para o Complexo de Belo Monte. Apresenta o histórico de cibersegurança da Norte Energia, a necessidade de conformidade regulatória e o planejamento de segurança. Também descreve a contratação da TI Safe para fornecer a solução ONS Ready e o progresso do projeto, com a Fase 1 concluída e a Fase 2 parcialmente implementada.
O documento discute conceitos como resiliência cibernética, antifragilidade cibernética, efeito Lindy, via negativa, pele no jogo e mercados impulsionando mudanças. Reforça a importância de visibilidade, inventário, segmentação e controle de anomalias para segurança cibernética bem feita.
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...TI Safe
O documento discute o desafio de implementar controle de acesso e autenticação multifator (MFA) no Grupo Energisa. O Grupo Energisa implementou uma solução tecnológica de MFA para melhorar a segurança, cumprir normas regulatórias e restringir acessos não autorizados. A implantação enfrentou desafios como a falta de base centralizada de usuários e mudança de cultura. A solução é gerenciada por meio de um SOC interno que monitora tentativas inválidas de login e aprova novos
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...TI Safe
O documento apresenta as principais ameaças cibernéticas a redes industriais, focando no cenário brasileiro. Apresenta os fatores de risco como ataques poderosos e o mundo em colapso, as ameaças reais como a profissionalização do cibercrime, e os resultados da 4a pesquisa TI Safe sobre a cibersegurança industrial no Brasil.
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...TI Safe
Este documento discute por que não se deve contratar SOCs de TI/híbridos para proteger redes industriais. Primeiramente, devido às diferenças no viés operacional entre TI e automação industrial, com a disponibilidade sendo o principal pilar de segurança para sistemas industriais. Além disso, pessoas, tecnologias e serviços de um SOC de TI podem não ser adequados para redes industriais e colocar a operação em risco. Um SOC dedicado à automação industrial deve ter especialistas qualificados, tecnologias apropriadas e procedimentos volt
Em 2020 o mundo experimentou uma situação inédita para a maioria dos seres humanos: uma pandemia global, provocada por um vírus desconhecido, que gerou mudanças significativas na vida de todos. No universo das empresas, foi observado um movimento de intensa digitalização de processos e adequação ao distanciamento social. Muitas delas, inclusive as indústrias, adotaram o trabalho remoto para seus colaboradores. Conforme as empresas adaptaram as suas operações, os criminosos também estabeleceram mudanças. São facilmente encontradas notícias relativas a golpes por email, WhatsApp e telefone. E com “chave de ouro”, 2021 foi aberto com o mega (ou seriaTera?) vazamento de dados de brasileiros, o que fornece mais combustível para esses golpes. O ICS-SOC (Centro de Operações de Segurança Cibernética Industrial, localizado no Rio de Janeiro) da TI Safe protege seus clientes contra ataques cibernéticos que possam afetar suas operações, fundamentais para a população e a cadeia de suprimentos do Brasil.Os dados de (milhões de) ataques de 2020, relativos a projetos desenvolvidos pela empresa, foram analisados para entender o aumento dos ataques em relação a 2019. Por uma questão de privacidade dos dados dos clientes, as informações serão apresentadas em percentuais.
O documento discute os novos procedimentos de segurança cibernética para adequação à rede do Operador Nacional do Sistema Elétrico (ONS), incluindo a implementação de controles de segurança em três ondas ao longo de três anos. A TI Safe propõe sua solução "ONS Ready" para ajudar as empresas de energia a cumprir os novos requisitos de segurança cibernética.
4. What is SCADA?
SCADA Hacking – Industrial Scale Fun. SEIDL, Jan
Hackers 2 Hackers Conference/2013 – São Paulo, Brazil
5. What is NOT SCADA?
Programmable-Logic Controllers (PLCs)
6. What is NOT SCADA?
Remote Terminal Units (RTUs)
7. What is NOT SCADA?
Supervisory Control and Data Acquisition
Control devices, safety devices, electric/electronic devices
Single-box solution/application
Not just a user interface
8. What is SCADA?
Supervisory Control and Data Acquisition
9. What is SCADA?
Supervisory Control and Data Acquisition
Collects data and controls field equipment
Saves historical data
Forwards data to other devices or systems
Provides seconds-precision measurements
10. Where is SCADA?
11. Where is SCADA?
What kind of cool stuff do they control?
12. Where is SCADA?
What kind of cool stuff do they control?
13. Where is SCADA?
What kind of cool stuff do they control?
14. Where is SCADA?
What kind of cool stuff do they control?
15. Where is SCADA?
What kind of cool stuff do they control?
16. Where is SCADA?
What kind of cool stuff do they control?
17. Why SCADA?
18. Why SCADA?
Do we really need computers for this?
Equipment relies on very quick response times
Huge amount of data needs to be collected
Hundreds, thousands of devices need to be controlled at the same time
Operation is almost never interrupted
19. Why SCADA?
Can you imagine if something goes... wrong?
Russian hydro plant accident kills 12
20. Why SCADA?
Can you imagine if something goes... wrong?
Chemical plant explosion leaves 5 missing, 15 injured in China
21. Why SCADA?
Can you imagine if something goes... wrong?
Hundreds of tons of toxic waste were dumped into one of the German rivers after the serious accident at a local chemical plant.
28. Misconceptions and Reality
And now comes reality...
All industrial networks are connected somehow to the Internet or corporate network
Integration software (ERP/MES), Phone/Modem/3G abuse, equipment misconfiguration (switches, routers, firewalls), removable media abuse, remote access (VPN, RDP, VNC)
29. Misconceptions and Reality
And now comes reality...
Most networks are operated by automation staff with no or low IT knowledge
Commit security abuses/incidents, unsafe computer operation posture [games, internet browsing, downloading stuff], careless about infosec, just want the job done
30. Misconceptions and Reality
And now comes reality...
Most networks and servers are managed by IT staff
Low to no knowledge about industrial protocols, attack impacts, software operation, overall ICS security, commit several mistakes configuring equipment
31. Misconceptions and Reality
And now comes reality...
99,9% of plants can be easily hacked
Common OS (Windows, Linux...)
Common/open protocols (HTTP, Telnet, Modbus)
All the same common bugs from IT: weak/hardcoded passwords, silly application vulns, unpatched stuff
34. Industrial Protocols
Current common market protocols
CIP – Common Industrial Protocol, Ethernet/IP
Profinet, S3/5/7
CC-Link
Modbus
35. Industrial Protocols
Modbus
Very simple plaintext protocol
Created in the 70s by Modicon
Used by many vendors
36. Industrial Protocols
Modbus
No authentication + No encryption + No validation = HA-HA security level
37. Industrial Protocols
Modbus
Common architecture
38. Industrial Protocols
Modbus
Protocol structure
Standard port tcp/502
39. Industrial Protocols
Modbus
Protocol structure
43. Pentesting SCADA systems
Important Note
When you run tests against an industrial control system unexpected things may happen.
And they happen almost every time.
45. Pentesting SCADA systems
Important Note
Do not test LIVE systems.
Never. Ever.
46. Pentesting SCADA systems
Scanning / Discovery
Some tools available:
plcscan – Scans s7comm & modbus devices
https://code.google.com/p/plcscan/
modscan – Scans modbus devices
https://code.google.com/p/modscan/
Nmap – Famous network scanner
http://nmap.org/
47. Pentesting SCADA systems
Scanning / Discovery (cont.)
Metasploit Modules
auxiliary/scanner/modbus/modbus_findunitid
auxiliary/scanner/modbus/modbusdetect
48. Pentesting SCADA systems
Scanning / Discovery
PLCscan
49. Pentesting SCADA systems
Scanning / Discovery
Nmap – modbus-discover.nse
50. Pentesting SCADA systems
Scanning / Discovery
Modbus Diagnostic Function code (0x2B, 43)
VendorName, ProductName, ModelName, ProductCode, MajorMinorRevision
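The Modbus/TCP framing from the protocol-structure slides and the function code 0x2B identification query from the discovery slide, seen from the monitoring side, as an added example that is not part of the original deck. It parses captured frames, flags identification requests and writes from hosts outside an allowlist, and records what devices disclose in their identification responses. The MEI type 0x0E and the object ids follow the Modbus specification; the function names, addresses, allowlist and sample frames are constructed for illustration.

```python
import struct

# MBAP header of Modbus/TCP: transaction id, protocol id, length, unit id.
MBAP = struct.Struct(">HHHB")
WRITE_FUNCTIONS = {
    0x05: "Write Single Coil", 0x06: "Write Single Register",
    0x0F: "Write Multiple Coils", 0x10: "Write Multiple Registers",
}
ENCAPSULATED_INTERFACE = 0x2B  # function code 43, named on the slide
MEI_READ_DEVICE_ID = 0x0E      # MEI type for Read Device Identification
DEVICE_ID_OBJECTS = {
    0x00: "VendorName", 0x01: "ProductCode", 0x02: "MajorMinorRevision",
    0x03: "VendorUrl", 0x04: "ProductName", 0x05: "ModelName",
}


def parse_frame(raw: bytes) -> dict:
    """Split one Modbus/TCP frame into its header fields and PDU."""
    if len(raw) < MBAP.size + 1:
        raise ValueError("truncated frame")
    tid, proto, length, unit = MBAP.unpack_from(raw)
    if proto != 0:
        raise ValueError("protocol id is not 0, so not Modbus")
    # The length field counts the unit id plus the PDU that follows it.
    if length < 2 or len(raw) < 6 + length:
        raise ValueError("length field disagrees with captured bytes")
    pdu = raw[MBAP.size:6 + length]
    return {"tid": tid, "unit": unit, "function": pdu[0], "data": pdu[1:]}


def parse_device_id(data: bytes) -> dict:
    """Decode the objects of a Read Device Identification response."""
    # data layout: MEI type, read code, conformity, more-follows, next id, count
    if len(data) < 6:
        raise ValueError("truncated identification response")
    objects, pos = {}, 6
    for _ in range(data[5]):
        if pos + 2 > len(data):
            raise ValueError("truncated object header")
        obj_id, obj_len = data[pos], data[pos + 1]
        value = data[pos + 2:pos + 2 + obj_len]
        if len(value) != obj_len:
            raise ValueError("truncated object value")
        name = DEVICE_ID_OBJECTS.get(obj_id, f"object 0x{obj_id:02x}")
        objects[name] = value.decode("ascii", "replace")
        pos += 2 + obj_len
    return objects


def analyze(capture, write_allowlist):
    """Return (findings, assets) for (src, to_server, raw) capture records."""
    findings, assets = [], {}
    for src, to_server, raw in capture:
        try:
            frame = parse_frame(raw)
            func, data = frame["function"], frame["data"]
            dev_id = (func == ENCAPSULATED_INTERFACE
                      and data[:1] == bytes([MEI_READ_DEVICE_ID]))
            if dev_id and to_server:
                findings.append((src, "device identification request"))
            elif dev_id:
                # Passive inventory: what the device disclosed about itself.
                assets[src] = parse_device_id(data)
            elif (to_server and func in WRITE_FUNCTIONS
                  and src not in write_allowlist):
                findings.append(
                    (src, WRITE_FUNCTIONS[func] + " from host outside allowlist"))
        except ValueError as exc:
            findings.append((src, f"malformed frame: {exc}"))
    return findings, assets


def constructed_response() -> bytes:
    """Constructed sample: identification response carrying three objects."""
    objs = [(0x00, b"ExampleVendor"), (0x01, b"EX-100"), (0x02, b"V1.0")]
    body = bytes([0x2B, 0x0E, 0x01, 0x01, 0x00, 0x00, len(objs)])
    for obj_id, value in objs:
        body += bytes([obj_id, len(value)]) + value
    return MBAP.pack(2, 0, len(body) + 1, 1) + body


# Constructed capture: (source address, sent to tcp/502?, frame bytes).
CAPTURE = [
    ("192.0.2.10", True, bytes.fromhex("00010000000601030000000a")),  # HMI read
    ("192.0.2.99", True, bytes.fromhex("000200000005012b0e0100")),    # id query
    ("192.0.2.20", False, constructed_response()),                     # PLC reply
    ("192.0.2.99", True, bytes.fromhex("0003000000060106000100ff")),  # write
    ("192.0.2.10", True, bytes.fromhex("000400000006010600010000")),  # HMI write
]

if __name__ == "__main__":
    found, seen = analyze(CAPTURE, write_allowlist={"192.0.2.10"})
    print(found)
    print(seen)
```

Because the protocol carries no authentication, the source-address allowlist is a monitoring heuristic rather than a control; enforcement belongs in the segmentation and firewall layers the deck lists later.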
58. Industrial Malware
Industrial Sabotage
Stuxnet
59. Industrial Malware
Stuxnet
Industrial Sabotage
Discovered July 2010
Targets Siemens WinCC systems
Targets specific PLC models
100KLOC (thousands of lines of code)
60. Industrial Malware
Stuxnet
Industrial Sabotage
Sabotages centrifuges causing malfunction or destruction
Allegedly a sabotage plan from USA and Israel against Iran's nuclear program
61. Industrial Malware
Stuxnet
Industrial Sabotage
http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html?pagewanted=all&_r=2
62. Industrial Malware
Stuxnet
Industrial Sabotage
http://www.cbsnews.com/8301-205_162-57592862/nsa-leaker-snowden-claimed-u.s-and-israel-co-wrote-stuxnet-virus/
63. Industrial Malware
Stuxnet
Industrial Sabotage
http://www.symantec.com/connect/blogs/w32stuxnet-dossier
64. Industrial Malware
Stuxnet
Industrial Sabotage
Exploits five vulnerabilities (of which four are 0-day)...
LNK File Bug – Initial Infection via USB drives/removable media
http://www.microsoft.com/technet/security/bulletin/ms10-046.mspx
Printer Spooler – Spreading
http://www.microsoft.com/technet/security/bulletin/ms10-061.mspx
Server Service (SMB) – Spreading
http://www.microsoft.com/technet/security/bulletin/ms08-067.mspx
Keyboard layout file – Privilege escalation
Task Scheduler – Privilege escalation
… and then installs a rootkit :)
65. Industrial Malware
Stuxnet
Industrial Sabotage
Which can only be installed because Stuxnet has stolen valid digital certificates.
From Realtek and JMicron.
66. Industrial Malware
Stuxnet
Industrial Sabotage
As if this weren't enough, it creates a peer-to-peer network of infected hosts, steals intelligence, and rootkits the PLC + project files so engineers and operators won't notice.
68. Industrial Malware
DuQu
Industrial Espionage
Discovered September 2011
Possibly derived from Stuxnet
Objective: backdooring and data collection
Targets ICS software and hardware vendors
69. Industrial Malware
DuQu
Industrial Espionage
Uses one Microsoft vulnerability
Microsoft Windows 'Win32k.sys' TrueType Font Handling Remote Code Execution Vulnerability (BID 50462)
Does not replicate on its own
Has also stolen signed certificates
70. Industrial Malware
Industrial Espionage
Flame / Skywiper
71. Industrial Malware
Flame
Industrial Espionage
Discovered ~May 2012
Mostly seen in the Middle East
About 20 MB in size
Has Lua plugin support
Around 20 extension modules
72. Industrial Malware
Flame
Industrial Espionage
Fingerprints countermeasure software/adapts to evade it
Multiple encryption levels
SQLite databases for storing collected data
Propagates similarly to Stuxnet (LNK+Spooler)
73. Industrial Malware
Flame
Industrial Espionage
Records Skype conversations
Keylogging + Screenlogging
Network Sniffer
Bluetooth scanning and compromise
Most affected countries: Iran, Israel, Sudan, Syria, Lebanon, Saudi Arabia and Egypt.
74. IInndduussttrriiaall MMaallwwaarreess
SCADA Hacking – Industrial Scale Fun. SEIDL, Jan
Hackers 2 Hackers Conference/2013 – São Paulo, Brazil
Industrial Espionage
GGaauussss
75. IInndduussttrriiaall MMaallwwaarreess
GGaauussss
SCADA Hacking – Industrial Scale Fun. SEIDL, Jan
Hackers 2 Hackers Conference/2013 – São Paulo, Brazil
Industrial Espionage
Discovered ~August 2012
Flame+Banking+Nasty Stuff
Same infection schemes as Stuxnet & Flame
Has encrypted payload that is only run under certain
circumstances
76. IInndduussttrriiaall MMaallwwaarreess
GGaauussss
SCADA Hacking – Industrial Scale Fun. SEIDL, Jan
Hackers 2 Hackers Conference/2013 – São Paulo, Brazil
Industrial Espionage
Steals passwords and cookies from browser
Collects and reports system configuration
Infects other removable media
Enumerates files and directories
77. Industrial Malware
Gauss
Industrial Espionage
Steals banking credentials from Middle East banking systems
Steals information from social networks, instant messaging and email accounts
78. Solutions for ICS Security
79. Solutions for ICS Security
First of All
There is no single-box solution.
Sorry :(
80. Solutions for ICS Security
First of All
Security is not only about your hosts but also your networks and personnel
81. Solutions for ICS Security
First of All
You need the best solution for each area. Each vendor has
expertise in its own area and probably won't master all of
them at the same time.
82. Solutions for ICS Security
So...
Embrace the good old defense-in-depth model
Photo credit: Sentrillion
83. Solutions for ICS Security
So...
Embrace the good old defense-in-depth model
Locks, cameras etc.
Firewalls, IDPS, data diodes
Segmentation, VLANs, port-mirrored IDS
WAFs, strong architecture
Whitelisting software, HIDPS, central logging
Encryption and access control
Photo credit: Sentrillion
84. Solutions for ICS Security
Network Segmentation
ISA/99 Zones and Conduits Model
85. Solutions for ICS Security
Network Segmentation
Proper DMZ Model
86. Solutions for ICS Security
Industrial Control Systems Firewalls/IDSs
Commercial Solutions
Tofino Security Appliance
SIEMENS Scalance S
87. Solutions for ICS Security
Industrial Control Systems Firewalls/IDSs
Commercial Solutions
Firewall
Industrial Protocol Enforcer
VPN
Centralized Management
88. Solutions for ICS Security
Industrial Control Systems Firewalls/IDSs
Open-Source Solutions
89. Solutions for ICS Security
SNORT SCADA IDS Rules
Initially compiled by Digital Bond
Many rules are already in the main SNORT repository
Additional rules are easy to write
http://www.digitalbond.com/tools/quickdraw/
http://blog.snort.org/2012/01/snort-292-scada-preprocessors.html
90. Solutions for ICS Security
Modbus
Snort IDS rules
91. Solutions for ICS Security
Ether/IP
Snort IDS rules
92. Solutions for ICS Security
DNP3
Snort IDS rules
93. Solutions for ICS Security
Data Diodes
Allow traffic to flow only in one direction
Enforced by hardware
Photo-resistor on one end, Photo-transmitter on other
As it depends on hardware, no open-source solution yet :(
Can be enforced via firewall but not with same efficiency
94. Solutions for ICS Security
Data Diodes
Commercial Solution
95. Solutions for ICS Security
White-listing Software
Anti-virus, seriously?
CEBIT 2013 Workshop: Anti-virus are an efficient solution for
industrial network protection? (short answer: no)
http://slidesha.re/17AwTEd
96. Solutions for ICS Security
Monitoring
ICS networks and hosts generally operate in regular and
predictable manners.
Simple monitoring and plotting can help detect anomalies
when they happen
[White paper] Detecting problems in industrial networks through continuous monitoring
http://slidesha.re/17JyVSu
97. Solutions for ICS Security
Monitoring
• Communications interception (ARP Poisoning)
• $ nmap -sV 192.168.1.1
98. Solutions for ICS Security
Monitoring
• Denial of Service
• Malware infection
99. Solutions for ICS Security
Monitoring
• Unauthorized Modbus traffic
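Added example (not from the talk): a minimal baseline check for the "unauthorized Modbus traffic" case, run over constructed Modbus/TCP requests. The IP addresses, the BASELINE table and the verdict names are assumptions made for illustration.

```python
import struct
from collections import Counter

# Function codes that change device state (coil/register writes).
WRITE_FUNCS = {5, 6, 15, 16, 22, 23}

# Constructed baseline: (master IP, slave IP) -> function codes seen in normal operation.
BASELINE = {
    ("10.0.0.10", "10.0.0.50"): {3, 4},      # HMI only polls registers
    ("10.0.0.11", "10.0.0.50"): {3, 6, 16},  # engineering station may write
}

def adu(tid, unit, pdu):
    # Build a Modbus/TCP request (MBAP header + PDU) for the sample data.
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu

def parse_mbap(payload):
    """Return (unit_id, function_code), or None if the frame is malformed."""
    if len(payload) < 8:                      # 7-byte MBAP + function code
        return None
    _tid, proto, length, unit = struct.unpack(">HHHB", payload[:7])
    # Protocol id is always 0; length counts the unit id plus the PDU.
    if proto != 0 or length != len(payload) - 6 or length > 254:
        return None
    return unit, payload[7]

def classify(src, dst, payload):
    """Compare one request sent to TCP/502 against the baseline."""
    parsed = parse_mbap(payload)
    if parsed is None:
        return "malformed"
    allowed = BASELINE.get((src, dst))
    if allowed is None:
        return "unknown-master"
    func = parsed[1]
    if func in allowed:
        return "ok"
    return "unauthorized-write" if func in WRITE_FUNCS else "unexpected-function"

# Constructed sample requests: (source, destination, TCP payload).
SAMPLES = [
    ("10.0.0.10", "10.0.0.50", adu(1, 1, bytes([3, 0, 0, 0, 10]))),
    ("10.0.0.10", "10.0.0.50", adu(2, 1, bytes([6, 0, 1, 0, 255]))),
    ("10.0.0.99", "10.0.0.50", adu(3, 1, bytes([3, 0, 0, 0, 1]))),
    ("10.0.0.11", "10.0.0.50", adu(4, 1, bytes([16, 0, 0, 0, 1, 2, 0, 5]))[:-2]),
    ("10.0.0.11", "10.0.0.50", adu(5, 1, bytes([43, 14, 1, 0]))),
]

def summarize(samples):
    # Count verdicts; anything other than "ok" is worth plotting or alerting on.
    return Counter(classify(s, d, p) for s, d, p in samples)
```

Because ICS traffic is regular, the baseline stays small, and every verdict other than "ok" is a candidate point on the monitoring graph.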
100. Solutions for ICS Security
Educate your users
Your users don't really know the impact of using a 3G
modem to check their personal email or Facebook wall
Even less that they can ruin the plant's processes by clicking
on a link sent by that hot girl they've been chatting with for weeks
101. Solutions for ICS Security
Never forget what your users mean to your security
103. Researching SCADA
ALWAYS REMEMBER!!!!
Do not test LIVE systems.
Never. Ever.
104. Researching SCADA
Gather documentation
Most protocols (even proprietary ones) have
documentation available on-line
Get it from manufacturer website or just freaking google it.
105. Researching SCADA
Gather documentation
DNP3 Primer
http://www.dnp.org/AboutUs/DNP3%20Primer%20Rev%20A.pdf
Modbus Specification
http://www.modbus.org/specs.php
106. Researching SCADA
Sniff master-slave communication with Wireshark
107. Researching SCADA
Get a test-bed
Real, hardware-based
Buy from manufacturer (expensive, sometimes prohibitive)
Buy from eBay (quite easy)
108. Researching SCADA
Get a test-bed
Real, hardware-based
http://www.ebay.com/sch/i.html?_trksid=p2050601.m570.l1313.TR0.TRC0.Xs7-300&_nkw=s7-300&_sacat=0&_from=R40
109. Researching SCADA
Get a test-bed
Real, hardware-based
http://www.ebay.com/sch/i.html?_odkw=s7-300&_osacat=0&_from=R40&_trksid=p2045573.m570.l1313.TR3.TRC1.A0.Xwago+750&_nkw=wago+750&_sacat=0
110. Researching SCADA
Get a test-bed
Emulated, software-based
Fully programmable
Available in many programming languages
Self-contained solutions available
111. Researching SCADA
Get a test-bed
Emulated, software-based
Pymodbus library
https://github.com/bashwork/pymodbus/blob/master/examples/common/synchronous-server.py
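    # imports needed by this excerpt; this module layout is from the
    # pymodbus releases of that time (pymodbus.server.sync is gone in 3.x)
    from pymodbus.server.sync import StartTcpServer
    from pymodbus.device import ModbusDeviceIdentification
    from pymodbus.datastore import ModbusSequentialDataBlock
    from pymodbus.datastore import ModbusSlaveContext, ModbusServerContext

    # initialize data: 100 values (all 17) in each of the four Modbus tables
    store = ModbusSlaveContext(
        di = ModbusSequentialDataBlock(0, [17]*100),  # discrete inputs
        co = ModbusSequentialDataBlock(0, [17]*100),  # coils
        hr = ModbusSequentialDataBlock(0, [17]*100),  # holding registers
        ir = ModbusSequentialDataBlock(0, [17]*100))  # input registers
    context = ModbusServerContext(slaves=store, single=True)

    # initialize the server information
    identity = ModbusDeviceIdentification()
    identity.VendorName = 'Pymodbus'
    identity.ProductCode = 'PM'
    identity.VendorUrl = 'http://github.com/bashwork/pymodbus/'
    identity.ProductName = 'Pymodbus Server'
    identity.ModelName = 'Pymodbus Server'
    identity.MajorMinorRevision = '1.0'

    # run the server you want (bound to localhost only, on TCP port 5020)
    StartTcpServer(context, identity=identity, address=("localhost", 5020))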
112. Researching SCADA
Get a test-bed
Emulated, software-based
ModSak (commercial with free trial)
http://wingpath.co.uk/modbus/modsak.php
113. Researching SCADA
Get some ICS software from vendors
Vendors often have trial versions on their sites
You might have to ask them for a copy
They might not like what you'll be using it for
Be brave. Don't desist.
114. Researching SCADA
For both equipment and software
Scan the crap out of it
Use network and software vulnerability scanners heavily;
don't mind if devices sometimes go crazy,
but run one at a time or you may DoS your device
115. Researching SCADA
For both equipment and software
Fuzz'em until smoke comes out
Create fuzz model files based on documentation
See how they handle malformed data
116. Researching SCADA
For both equipment and software
Fuzz'em until smoke comes out
Peach fuzzer
http://peachfuzzer.com/
117. Researching SCADA
For both equipment and software
Fuzz'em until smoke comes out
Modbus PIT file for Peach Fuzzer (WIP)
https://github.com/jseidl/peach-pit/blob/master/modbus/modbus.xml
118. Researching SCADA
For both equipment and software
Fuzz'em until smoke comes out
ROBUS & AEGIS Project
http://www.automatak.com/aegis/ & http://www.automatak.com/robus/
119. Researching SCADA
Set up a honeypot
Expose it to the internet and learn from other
attackers (caution! risky!)
120. Researching SCADA
Set up a honeypot
Conpot – SCADA/ICS Honeypot
“The default configuration of Conpot simulates a basic
Siemens SIMATIC S7-200 PLC with an input/output module
and a CP 443-1 which would be needed in a real setup to
provide network connectivity.”
https://github.com/glastopf/conpot