CYBERSEC 2021 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy. I Agree

May 4-6 at Taipei Nangang Exhibition Center, Hall 2

Mars Cheng

Mars Cheng

Threat Research Manager, TXOne Networks
Executive Director, Association of Hackers in Taiwan

Mars Cheng (@marscheng_) leads TXOne Networks’ PSIRT and Threat Research Team as their Threat Research Manager, coordinating product security initiatives and threat research efforts. He is also the Executive Director for the Association of Hackers in Taiwan and General Coordinator of HITCON CISO Summit 2024, facilitating collaboration between enterprises and the government to bolster the cybersecurity landscape. Additionally, Mars serves as a Cybersecurity Auditor for the Taiwan Government. His expertise spans ICS / SCADA systems, malware analysis, threat intelligence and hunting, and enterprise security. Mars has made significant contributions to the cybersecurity community, including authoring more than ten CVE-IDs and publishing in three SCI journals on applied cryptography. Mars is a frequent speaker and trainer at numerous prestigious international cybersecurity conferences and has presented over 50 times, including Black Hat USA / Europe / MEA, RSA Conference, DEF CON, CODE BLUE, SecTor, Troopers, FIRST, HITB, ICS Cyber Security Conference Asia and USA, HITCON, NoHat, ROOTCON, SINCON, CYBERSEC, and many others. He has successfully organized several past HITCON events, including HITCON CISO Summit 2023, HITCON PEACE 2022, HITCON 2021, and HITCON 2020, demonstrating his commitment to advancing the field of cybersecurity.

Taiwan's Cybersecurity Researchers
OT Security Forum
  • May 4th (Tue)
  • 14:45 - 15:15
  • 7F 701G

Common Flaws in Public and Private ICS Network Protocols
Chinese Onsite

In this research, we analyze 9 ICS protocols (5 public and 4 private) which are widely used in the critical infrastructure sectors of power, water, transportation, petroleum, and manufacturing. In each of these public and private ICS protocols, we found some common flaws which allow attackers to easily sniff unencrypted traffic and perform ICS protocol-centered attacks. These attacks include T833 - Modify Control Logic, T836 - Modify Parameter, T843 - Program Download, T856 - Spoof Reporting Message - Modbus/TCP and T855 - Unauthorized Command Message which map to MITRE ATT&CK for ICS. Attacker can be accomplished without the intruder needing to acquire authentication or authorization. Also, we provide 5 attack demos which across 1 public and 3 private protocols, to show how these common flaws will cause huge impacts such as T832 - Manipulation of View and T831 - Manipulation of Control to ICS. Finally, we demonstrate how to againist ICS network protocols attack.

Critical Infrastructure ProtectionICS/SCADA SecurityNetwork Security
Read More
Taiwan's Cybersecurity Researchers
  • May 5th (Wed)
  • 16:45 - 17:15
  • 7F 701C

Data Breaches Related to Critical Infrastructure - A In-depth Analysis of Cyber Risk to Taiwanese Critical Infrastructure
Chinese Onsite

This research will collect publicly leaked data and share some of the traps and fun that we found during the analysis. We will also share how we have conducted big data analysis on more than 10 billion pieces of data from 200 plus datasets, with a particular focus on the analysis of data leakage and password habits of Taiwan's 8 critical infrastructure service providers. Finally, based on the in-depth analysis of our data, we will try to provide prediction warnings to high-risk CI sectors and vendors that may be invaded due to information leakage, and finally advise how to perform prevention and mitigation measures.

Big DataCritical Infrastructure ProtectionICS/SCADA Security
Read More
Taiwan's Cybersecurity Researchers
OT Security Forum
  • May 6th (Thu)
  • 11:30 - 12:00
  • 7F 701C

The Hunt for Major League IoT-ICS Threats: A Deep Dive into IoT Threat Terrain
Chinese Onsite

This talk will share how we built an automated large-scale IoT threat hunting system, and will share a deep look into the overall threat situation and trends compiled from six target examples in the past year.

Hackers & ThreatsIoT SecurityThreat Hunting
Read More