Deconstructing the Reports of Iranian Activity Against the Power Grid and New York Dam

  • Tuesday, 05 Jan 2016 12:00PM EST (05 Jan 2016 17:00 UTC)
  • Speakers: Robert M. Lee, Mike Assante

On December 20th and 21st there were two reports of separate incidents detailing focused adversary efforts into research U.S. infrastructure. The activity was attributed to Iranian actors and targeted sites along the power grid including Calpine and a dam in New York. Both of these case-studies are interesting and pose lessons learned for the community. In this webcast Michael Assante, SANS ICS Director, and Robert M. Lee, ICS515 Course Author, will deconstruct these two cases noting strengths, weaknesses, and lessons learned from the reports. The cases will also be discussed in the context of the ICS Cyber Kill Chain and the most important takeaways will be mapped to efforts defenders can employ today.


Learn more about securing industrial control systems at the upcoming ICS Security Summit in Orlando, FL on February 22 & 23, 2016.

The Summit is the premier event to attend in 2016 for ICS cybersecurity practitioners and managers. This year's summit will center on the theme "Defense is Doable" and will feature more in-depth technical talks, case studies, and hands-on challenges than ever before.

Attendees will:

  • Understand how ICS systems are being targeted
  • Learn how to safeguard ICS against the new threat matrix
  • Gather with fellow practitioners to share skills and acquire new ones
  • Explore how cyber-informed engineering mixes with cyber security for ICS success
  • Discover best practices for teaching operators cyber security awareness
  • Test and expand ICS security knowledge through exciting hands-on challenges