The Sum of All Fears, When ICS/SCADA are Compromised
Date: 16th Oct – WednesdayTime: 11:30-12:30Location: Ballroom B
In the past, the cybersecurity issues of Industrial control systems (ICS) are neglected. However, ICS/SCADA connects with people’s lives which consists of power, water, traffic, manufacturing and multiple industry. In the past 10 years, more and more ICS/SCADA cybersecurity incidents are happened which may cause loss of life and property, and if we live without power, water, communication, traffic. That is a terrible thing. That is why we need to care about ICS/SCADA cybersecurity issues, and make sure we are in a security environment.
In this presentation, we first talk about the background knowledge of ICS/SCADA, and what kinds of security threats and attack vectors in ICS/SCADA. And then, we analyze an Industrial communication protocol, and write Lua plugin for Wireshark and exploit code as a hacker. In this part, we provide demo which shows hackers hack LC with Industrial communication protocol and PLC’s service to compromise ICS/SCADA. After hacking demo, we demonstrate the rotection strategy to secure ICS/SCADA. When we know how hackers attack ICS/SCADA, we know how to defend and deploy our protection strategy to achieve the most effective results.
Selmon Yang Selmon Yang, Staff Engineer, TXOne Networks and Trend Micro
Mars Cheng Cyber Threat Researcher, TXOne Networks and Trend Micro