Sharpen your Skills at SANS San Francisco Winter 2017. Save $200 thru 10/25.

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

CRASHOVERIDE - Detecting and Mitigating the Electric Grid Targeted Malware

  • Friday, July 7th, 2017 at 1:00 PM EDT (17:00:00 UTC)
  • Mike Assante, Robert M. Lee, and Dan Gunter
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!

Overview

In June the CRASHOVERRIDE malware was revealed to have been the cause of the 2016 cyber attack on Kiev, Ukraine. It's modular and framework style development suggest it was designed to be deployed at more than one target. This presentation will take a nuanced look at the impact of CRASHOVERRIDE and potential impact in other electric grids while taking a heavy focus on the mitigations and detections operators and security personnel should be focusing on today.

Speaker Bios

Mike Assante

Michael Assante is currently the SANS lead for Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA) security and Co-founder of NexDefense an Atlanta-based ICS security company. He served as Vice President and Chief Security Officer of the North American Electric Reliability (NERC) Corporation, where he oversaw industry-wide implementation of cyber security standards across the continent. Prior to joining NERC, Mr. Assante held a number of high-level positions at Idaho National Labs and served and as Vice President and Chief Security Officer for American Electric Power. Mr. Assante's work in ICS security has been widely recognized and was selected by his peers as the winner of Information Security Magazine's security leadership award for his efforts as a strategic thinker. The RSA 2005 Conference awarded him its outstanding achievement award in the practice of security within an organization.

He has testified before the US Senate and House and was an initial member of the member of the Commission on Cyber Security for the 44th Presidency. Before his career in security served in various naval intelligence and information warfare roles, he developed and gave presentations on the latest technology and security threats to the Chairman of the Joint Chiefs of Staff, Director of the National Security Agency, and other leading government officials. In 1997, he was honored as a Naval Intelligence Officer of the Year.


Robert M. Lee

Robert M. Lee is the CEO and Founder of the industrial (ICS/IIoT) cyber security company Dragos, Inc. He is also a non-resident National Cybersecurity Fellow at New America focusing on policy issues relating to the cyber security of critical infrastructure. For his research and focus areas, Robert was named one of Passcode's Influencers, awarded EnergySec's Cyber Security Professional of the Year (2015), and inducted into Forbes' 30 under 30 for Enterprise Technology (2016).

A passionate educator, Robert is the course author of SANS ICS515 - "ICS Active Defense and Incident Response" with its accompanying GIAC certification GRID and the lead-author of SANS FOR578 - "Cyber Threat Intelligence" with its accompanying GIAC GCTI certification. He may be found on Twitter @RobertMLee


Dan Gunter

Dan Gunter is a Senior Threat Hunter at the industrial cyber security company Dragos, Inc. where he discovers, analyzes and neutralizes threats inside of ICS/SCADA networks. In this capacity he performs threat hunting, incident response, and malware analysis mission for the industrial community. Previous to his role at Dragos, Dan served in a variety of Information Security roles as an Cyber Warfare Officer in the United States Air Force ranging from Incident Response at the Air Force Computer Emergency Response Team to developing innovative capabilitiesfor multiple Department of Defense partners. Dan has over 12 years' experience and has obtained the Associate of ISC2 (passed CISSP exam), GIAC GSEC, EC Council CEH and CompTIA Security+ certifications. He also holds a Bachelor of Science in Computer Science from Baylor University and a Master of Science in Computer Science from the University of Louisville. Dan previously presented at Blackhat and Shmoocon.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.