homepage
Open menu
Contact Sales

All Your Network Traffic Are Belong to Us - VPNFilter Malware and Implications for ICS

  • Wednesday, 25 Jul 2018 3:30PM EDT (25 Jul 2018 19:30 UTC)
  • Speakers: Tim Conway, Doug Wylie, Phil Neray

The world recently learned of new multi-stage router malware with destructive capabilities and the ability to intercept web traffic and insert malicious code into it. Described as \an impressive piece of work" by Bruce Schneier, the VPNFilter malware also includes a packet sniffer for capturing Modbus TCP traffic and credentials passing through VPN routers.

The Modbus TCP plugin indicates the adversary may have the ability and intent to compromise ICS environments and exfiltrate ICS-specific information. It's also possible that compromised routers can now be used as launching points for further attacks into ICS networks ' and that other payloads could easily be added to capture DNP3, Ethernet/IP, Siemens S7, and other ICS/SCADA traffic in the future.

In this educational webinar led by Tim Conway and Doug Wylie from SANS, with Phil Neray from industrial cybersecurity firm CyberX, you'll learn about:

- - VPNFilter's architecture and capabilities.

- - Implications for ICS networks and asset owners.

- - How to defend against VPNFilter and similar malware in the future.

Login to Register

Related Content

Blog
Quest_to_Summit_340x340.png
Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting
The Quest to Summit | SANS ICS Security Summit 2024
Register for the ICS Security Summit to be able to participate in The Quest to Summit and win big prizes.
370x370_Tim-Conway.jpg
Tim Conway
read more
Blog
N2C_blog_image.png
Security Awareness, Cybersecurity Leadership, Cloud Security, Open-Source Intelligence (OSINT), Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting, Cybersecurity and IT Essentials, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, CyberLive, Workforce Development, Career Development, Why Certify, Imposter Syndrome, NetWars, Mentorship, Job Hunting, Operating System & Device In-Depth, Artificial Intelligence (AI)
A Visual Summary of SANS New2Cyber Summit 2024
Check out these graphic recordings created in real-time throughout the event for SANS New2Cyber Summit 2024
370x370-person-placeholder.png
Alison Kim
read more
Blog
ICS_-_Blog_-_Enhancing_Operational_Resilience_in_OT_-_340_x_340.jpg
Industrial Control Systems Security
Enhancing Operational Resilience in OT
OT/ICS owners and operators must remain agile when deciding where and how to deploy cybersecurity.
370x370_jason-dely.jpg
Jason Dely
read more