Critical Infrastructure Control Systems Cybersecurity
- Matt Luallen
Control Systems (Distributed and SCADA systems) are used throughout the world to automate industrial processes. These systems need to provide reliable and safe automation for such critical infrastructure as the Bulk Electric System (BES), natural gas, oil, transportation, fresh water/waste water, manufacturing, food, and defense. The critical necessities for both government and its people to survive are automated using industrial control systems. The past decade has brought with it the intertwining of these systems with both the business networks and traditional hardware and communications protocols. Many CSs are in some way electronically connected to networks of less trust, potentially even a slight distance away from the Internet. These CSs typically use vulnerable communication protocols, a few even use TCP/IP and in specific situations, common off the shelf hardware and chipsets. It is paramount to the safety of our society to sufficiently understand their architecture and to protect these critical systems.
This night session, Critical Infrastructure Control System Cybersecurity, will discuss the risks and mitigating controls associated with the control systems integrated into critical infrastructures worldwide. The session will succinctly provide a background of control system architectures and then quickly delve in to example critical infrastructure attacks and mitigating controls. The session will use live demonstrations from the CYBATI training kit to give an operator's HMI false readings, using small devices as attack tools (e.g. Arduino and technician tools), publicly available and privately maintained PLC manipulation Metasploit modules and mitigating controls.
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
|GIAC Program Overview||Jeff Frisk, GIAC Director||Special Events|
|SANS Technology Institute Brief||President Stephen Northcutt||Special Events|
|Dude, Your Car is PWNed!||Rob VandenBrink, ISC Handler||SANS@Night|
|Authentication Issues Between Entities During Protocol Message Exchange in SCADA Systems||Manuel Humberto Santander Pelaez, ISC Handler||SANS@Night|
|OWASP Top Ten Tools and Tactics||Russ McRee, ISC Handler||SANS@Night|
|Updates on the Exploit Kits Front: You are the Target!||Pedro Bueno, ISC Handler||SANS@Night|
|Packet and Malware Collection for the Home Network, Research Starts at Home!||Richard Porter, ISC Handler||SANS@Night|
|Critical Infrastructure Control Systems Cybersecurity||Matt Luallen||SANS@Night|
|Everything's Hacked! What We Can Do To Help Secure Embedded Devices||Jay Radcliffe||SANS@Night|
|The SANS360: The Security Crystal Ball||Rob Lee, Moderator||SANS@Night|
|What's New in Windows 8 and Server 2012?||Jason Fossen||SANS@Night|
Monday, July 9
Tuesday, July 10
Thursday, July 12
|Test your Knowledge and Capture-the-Flag Skills in an Interactive Security Challenge!||Yori Kvitchko||Thursday, July 12th, 6:30pm - 9:30pm||Special Events|
Friday, July 13
|Test your Knowledge and Capture-the-Flag Skills in an Interactive Security Challenge!||Yori Kvitchko||Friday, July 13th, 6:30pm - 9:30pm||Special Events|