When John von Neumann said those words in 1952, he didn’t mean the Atomic bomb that he helped create as a scientist with the Manhattan Project. He was referring to his revolutionary work in high speed computing. Over sixty years later, the computer has revolutionized every aspect of our life – from currency to medicine to warfare. Our almost total reliance upon insecure software and hardware has made the world less safe, and has fundamentally changed the power equations between State and Non-State actors.
Suits and Spooks 2017 will focus on identifying the world’s most valuable new technologies, who the threat actors are that are looking to acquire them, and what can be done to stop them.
Admission is $549 for industry, and $375 for full-time government, military, or academia employees. Visit SuitsandSpooks.com to register.
One of the most important pieces of Critical Infrastructure in any country is its Power Grid - the system that supplies energy to millions of people. However, that system is not designed with security in mind. It is fragile, insecure and becomes unstable and unpredictable in the case of a cyber attack.
There have been lots of talks about insecurity of the modern industrial software and hardware, as well as and the possible risks associated with the presence of hackers in the Control network. Unfortunately, many organizations related to the Critical Infrastructure sector are not seeing cyber attacks as high risk to their business. We still hear feedback from ICS organizations like "we will never be a victim of cyber attack because there is nothing to steal from our Power Plant" or "we have got double firewall in out control networks, that is highly secure solution".
Given that typical feedback, Kaspersky Lab decided to take a lead and show the ICS organizations what can happen in reality when the Power Grid is attacked. In November 2015 Kaspersky Lab has organized the Industrial CTF contest inviting researchers from various security companies. The representatives from Power Grid organizations attended it as observers. We have more than 50 research teams participate.
The goal of the CTF was to hack a typical installation of Electrical Substation where we installed 8 real Siemens SIPROTECT protection relays, connected via CISCO routers into a Control network under WinCC supervision. The system controls distribution power line under high voltage. The winning criterion was simple - the attacker needs to show visible damage to the power line within next 8 hours.
To our shock, the whole system was hacked within 3 hours, and the power line wires were burned by enormous current several times. Few SIPROTECT were damaged completely (not possible to recover), few new 0-days were discovered, and several interesting hacking approaches were identified. The representatives from Power Grid were also shocked. They were not expecting such damage that may be fatal in a real environment.
However, even after that self explaining demo, a month ago in December 2015, the whole World learnt about the incident in Ukrainian Power Grid, its Transportation system, Media and TV sectors. We see lots of similarity in this incident since the Power Grid in ex-USSR republics shares common principles.
In this talk we will go over several stories:
∙The overview and results of industrial CTF challenge, interesting hacking details, security challenges,
∙Details of recent cyber incidents related to Power Generation and Distribution industry including the latest BlackEnergy attacks against Ukrainian Power grid and its history from 2014 to 2016,
∙We would like to review the reasons of the incidents and suggest some solutions that can protect your organizations against cyber attacks.
