Hackers of India

2014 The year in which we cannot ignore SCADA

By Amol Sarwate on 14 Feb 2014 @ Nullcon


Abstract

This session is the result of a yearlong study of the most recent SCADA vulnerabilities that affected industrial control systems and critical infrastructure. The study includes root cause analysis, attack vector scrutiny, the consequences of a successful attack and, finally, a remediation study for SCADA vulnerabilities in the past year. Attendees will get an insight into the factors that resulted in the nature, magnitude and timing of the harmful outcomes in order to identify what actions need to be taken to prevent recurrence of similar harmful outcomes. The presentation will study different attack vectors and payloads by which a malicious entity can gain access to or completely compromise critical infrastructure or industrial control systems. It will also study in detail the immediate consequences of a successful attack and the repercussions that it can have on the SCADA network and organization. The presenter will discuss many real-life vulnerability case studies as well as present aggregate results for all vulnerabilities included in the study. Based on this aggregation, the presenter will offer strategies, policies and best practices for attack mitigation which can be used by attendees in their day-to-day field of work. The presentation will conclude with guidance on how these best practices can be leveraged by control system owners to reach an acceptable level of security. Attendees who are in charge of control system infrastructure will get insight into vulnerabilities that affected their systems. Engineers who are in charge of security for control systems will get a better technical insight into attacks. Attendees who are new to control systems will get an excellent overview of the security complexities of control systems.

AI Generated Summary (may contain errors)

The speaker, an expert in industrial control systems (ICS), discusses the challenges of securing SCADA (Supervisory Control and Data Acquisition) systems. These systems, which control critical infrastructure such as dams and power plants, are often built using off-the-shelf software and are rarely patched due to the high risk of malfunctioning. This leaves them vulnerable to attacks, especially since they often use outdated operating systems like Windows 2000, 98, and 95.

The speaker highlights that these systems were not designed to be easily modified or updated, making it difficult to apply patches without disrupting their functioning. Moreover, they now use databases like Oracle and MySQL, which introduce new vulnerabilities.

The real-world issue is that many SCADA systems are connected to the internet, making them accessible to potential attackers. This is a significant concern, as these systems were not designed with security in mind. The speaker also notes that the long lifecycle of SCADA systems makes it difficult to change or update them, even when vulnerabilities are discovered.

The speaker proposes several solutions, including creating a test environment for SCADA systems and developing a SCADA scan utility to identify vulnerabilities. However, they acknowledge that implementing these solutions is not straightforward due to the complexity and critical nature of these systems.