$400 Amazon Gift Card with OnDemand Training through March 10 - Learn More!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Lights Out: Inside the Mind of a Utility Hacker

  • Wednesday, September 25, 2019 at 10:30 AM EDT (2019-09-25 14:30:00 UTC)
  • Joseph Carson


  • Thycotic

You can now attend the webcast using your mobile device!



Imagine a country-wide black out. The reality hit Ukrainian residents when their energy sector was hit by a massive cyber-attack that caused a power outage for more than 86,000 homes. This session dives into the real-world hack of a power station that explains the planning, perimeter security, engines and SCADA controls behind the attack.

With up to 80% of targeted attacks involving the use or misuse of privileged credentials, Privileged Access Management must be a foundational component of a utility and energy companys cyber security strategy. It is critically important to know how and why cybercriminals target their victims and what you can do to reduce the risk, especially when an attack could put lives at stake. In this session:

  • Gain a full understanding of the anatomy of a privileged account hack
  • Learn the challenges of reporting to the board and lessons learned
  • Develop a strategy to reduce your risk and prevent abuse of your critical information assets

Speaker Bio

Joseph Carson

Joseph Carson is a cyber security professional and ethical hacker with more than 25 years’ experience in enterprise security specializing in blockchain, endpoint security, network security, application security & virtualization, access controls and privileged account management. Joseph is a Certified Information Systems Security Professional (CISSP), active member of the cyber security community frequently speaking at cyber security conferences globally, often being quoted and contributing to global cyber security publications. He is a cyber security advisor to several governments, critical infrastructure, financial, transportation and maritime industries. Joseph is regularly sharing his knowledge and experience giving workshops on vulnerabilities assessments, patch management best practices, the evolving cyber security perimeter and the EU General Data Protection Regulation. Joseph serves as Chief Security Scientist at Thycotic and author of Privileged Account Management for dummies.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.