May 4-6 at Taipei Nangang Exhibition Center, Hall 2

Selmon Yang

Senior DPI Engineer, TXOne Networks

Selmon Yang is a senior DPI engineer at TXOne Networks. He is responsible for parsing IT/OT protocols, Linux kernel programming, and honeypot development and adjustment. Selmon has also spoken at HITCON CMT and HITB.

Taiwan's Cybersecurity Researchers
OT Security Forum
  • May 4th (Tue)
  • 14:45 - 15:15
  • 7F 701G

Common Flaws in Public and Private ICS Network Protocols

In this research, we analyze 9 ICS protocols (5 public and 4 private) that are widely used in the critical infrastructure sectors of power, water, transportation, petroleum, and manufacturing. In each of these public and private ICS protocols, we found common flaws that allow attackers to easily sniff unencrypted traffic and perform ICS protocol-centered attacks. These attacks include T833 - Modify Control Logic, T836 - Modify Parameter, T843 - Program Download, T856 - Spoof Reporting Message - Modbus/TCP, and T855 - Unauthorized Command Message, which map to MITRE ATT&CK for ICS. These attacks can be accomplished without the intruder needing to acquire authentication or authorization. We also provide 5 attack demos across 1 public and 3 private protocols to show how these common flaws can cause huge impacts to ICS, such as T832 - Manipulation of View and T831 - Manipulation of Control. Finally, we demonstrate how to defend against ICS network protocol attacks.

Advanced
Critical Infrastructure Protection, ICS/SCADA Security, Network Security