Register by tomorrow to save $300 on cutting-edge cyber security training at SANS Miami 2020!

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

An Analysis of the Sandworm Team in Ukraine

  • Thursday, January 21st, 2016 at 11:00 AM EST (16:00:00 UTC)
  • Sean McBride and Robert M. Lee
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!

Overview

iSIGHT Partners will detail its linkage of the recent intrusions against Ukrainian Power Authorities to the cyber espionage team it calls Sandworm Team. It will highlight intelligence on Sandworm Teams activities which originated in 2013. The discussion will center around a timeline on visible events such as the 2014 campaign leveraging CVE-2014-4114 against Ukraine government, EU, NATO and energy targets, activities throughout 2015 and the culminating event against the Ukrainian Power Authority. A discussion on Sandworm Teams known focus on critical infrastructure will also be included along with broader thoughts for the implications of the Ukrainian incident on the energy and critical infrastructure communities as a whole.


ICS Security Summit

Learn more about securing industrial control systems and the Ukrainian Power Authority attacks at the upcoming ICS Security Summit in Orlando, FL on February 22 & 23, 2016.

The Summit is the premier event to attend in 2016 for ICS cybersecurity practitioners and managers. This year's summit will center on the theme "Defense is Doable" and will feature more in-depth technical talks, case studies, and hands-on challenges than ever before.

Attendees will:
  • Understand how ICS systems are being targeted
  • Learn how to safeguard ICS against the new threat matrix
  • Gather with fellow practitioners to share skills and acquire new ones
  • Explore how cyber-informed engineering mixes with cyber security for ICS success
  • Discover best practices for teaching operators cyber security awareness
  • Test and expand ICS security knowledge through exciting hands-on challenges

Speaker Bio

Robert M. Lee

Robert M. Lee is the CEO and Founder of the critical infrastructure cyber security company Dragos Security LLC where he has a passion for control system traffic analysis, incident response, and threat intelligence research. He is a SANS Certified Instructor and the course author of SANS ICS515 - "Active Defense and Incident Response" and the co-author of SANS FOR578 - "Cyber Threat Intelligence." Robert is also a non-resident National Cyber Security Fellow at New America focusing on policy issues relating to the cyber security of critical infrastructure and a PhD candidate at Kings College London. For his research and focus areas, he was named one of Passcode's Influencers, awarded EnergySec's 2015 Cyber Security Professional of the Year, and named to the 2016 Forbes' 30 Under 30 list.

Robert obtained his start in cyber security in the U.S. Air Force where he served as a Cyber Warfare Operations Officer. He has performed defense, intelligence, and attack missions in various government organizations including the establishment of a first-of-its-kind ICS/SCADA cyber threat intelligence and intrusion analysis mission. Robert routinely writes articles in publications such as Control Engineering and the Christian Science Monitor's Passcode and speaks at conferences around the world. Lastly, Robert, is author of the book "SCADA and Me" and the weekly web-comic http://www.LittleBobbyComic.com.

"Rob is the best instructor I have seen. Real world examples, humor, time efficient, [and] effective."
- Toni Benson, Cyber Analyst

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.