CYBERSEC 2022 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy. I Agree
SESSION
09/22 11:20 - 11:50 Manufacturing Security Forum
Practical Attack Vectors and Their Ideal Defensive Strategies for Critical Manufacturing
The worlds of enterprise cyber security and ICS/SCADA systems have converged, and continue to produce new complications as a result. In particular, industrial and critical infrastructure (CI) systems have an increased need to communicate with an ever-expanding array of enterprise IT systems. They do this to conduct updated reporting and monitoring, as well as to maintain continuous operations. The endless stream of critical infrastructure security incidents is only picking up speed, and these attacks often cause considerable physicaldamage to those systems. We often find ourselves in a state of ignorance about the true state of critical infrastructure -- we won’t know what the attack vectors are, let alone how to defend them.
To research this, we surveyed firsthand many real ICS and SCADA systems, performing penetration testing on several of them. We counted the attack vectors present in this real ICS environment. In our presentation, we will share 4 real-world ICS and SCADA examples on Critical Manufacturing. We will also give a behind-the-scenes view (starting with real-world ICS security assessment) based on different ICS/SCADA systems in several CI sectors. Finally, we will provide several attack demos. We recreated these in our lab to demonstrate the attacks against real-world ICS equipment in-depth. We will also review serveral common defense strategies to help secure an ICS environment. We believe that such an analysis will help the enhancement of subsequent defense strategies.
SPEAKER
Mars Cheng (@marscheng_) is a manager of TXOne Networks PSIRT and threat research team, responsible for coordinating product security and threat research. Mars blends a background and experience in both ICS/SCADA and enterprise cybersecurity systems. Mars has directly contributed to more than ten CVE-IDs, and has had work published in three Science Citation Index (SCI) applied cryptography journals. Before joining TXOne, Cheng was a security engineer at the Taiwan National Center for Cyber Security Technology (NCCST). Mars is a frequent speaker and trainer at several international cyber security conferences such as Black Hat Europe, DEFCON, SecTor, FIRST, HITB, ICS Cyber Security Conference Asia and USA, HITCON, SINCON, CYBERSEC, and CLOUDSEC. Mars is general coordinator of HITCON (Hacks in Taiwan Conference) 2022 and was coordinator of HITCON 2021 and vice general coordinator of HITCON 2020.
Canaan has been a DPI/IDS/IPS engineer since 2001. He led the anti-botnet project of MoECC in NTHU (2009-2013) and held “Botnet of Taiwan” (BoT) workshops (2009-2014). He spoke at HitCon2014 CMT,HitCon2015 CMT and HitCon 2019. His primary research interests are in network security, intrusion detection systems, reversing engineering, malware detection, and embedded systems.