Refocusing the security community on defence and making security work for everyone - Alex Stamos

An inspiring keynote outlining how the security industry as a whole is not keeping pace with the threats we face. Alex suggested that we change our thinking from "the 'stupid user' clicked the link" to asking ourselves why we did not protect the user from the threat. He further detailed that we need to be more inclusive in security and attract and retain more women into the industry. A topic close to my heart, with women representing only 10% of cyber security professionals. Think of all the talent we are missing out on and the impact it would have on the 'good guys' team if we could change this.

Industroyer/Crashoverride, power grid targeting - Robert Lee, Joe Slowik, Ben Miller, Robert Lipovsky, Anton Cherepanov

To date there are four known types of energy-related industrial control system malware: Stuxnet, Havex, BlackEnergy2 and Crashoverride. The latter was used to target the Ukraine in 2016, causing power outages. This malware is currently designed to target EU grids but its modular design means that it can be tailored to hit the US. Some elements of this malware are used for network discovery, but the main focus is to take over the control of power distribution substations, remove monitoring and visibility of the network and ultimately wipe the HMI systems that would be needed to regain control of the network. Each instance of this type of attack needs a lot of reconnaissance and customisation. It cannot spread like WannaCry and needs considerable time and effort to be deployed.

ShieldFS a ransomware resilient file system - Andrea Continella, Federico Maggi

This concept was incredibly simple and incredibly smart, with some clever coding in the background. Basically a virtual file system is set up that makes an on-the-fly backup of all files prior to a write instruction. It also incorporates the ability to detect large encryption operations and flag or halt the write operations. Finally there is a rollback feature to revert to the original files in the event of an unauthorised crypto event. While it is early days I suspect we will see the concept in reality soon.

Insecurity in building automation - Thomas Brandstetter

Building automation is typically used today for heating, ventilation, climate control and lighting. It is often seen as a poor relation when it comes to the pecking order for prioritisation for penetration testing. However, think of the impact on the ability to conduct your business if you make a building uninhabitable. There are many tools available that facilitate the scanning and enumeration of building automation devices, many of which are internet facing.

Go to hunt and then sleep - David Bianco, Robert Lee

Presentation of a practical and mathematical model to identify and prioritise the treatment of organisation-specific threats. While it seems like common sense I suspect steps sometimes get missed here, resulting in incomplete threat data and suboptimal treatment plans. Basically you need to identify your assets and potential threats and then gather data on the threat lifecycle and the potential impact of the threats if realised. You can then make a plan by plotting techniques and tactics to enable better avoidance, identification and treatment. The use of automation here is highly recommended.
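The three ShieldFS ideas summarised in this post (backup before every write, detection of bulk encryption, rollback) can be seen working together in the following added Python example, which is not ShieldFS code and not taken from the talk. The in-memory store stands in for the virtual file system, and the entropy threshold, the three-write limit, the per-writer tracking and all names are assumptions made for illustration.

```python
import math
import random
from collections import Counter, defaultdict

ENTROPY_LIMIT = 7.0     # bits per byte; assumed threshold for "looks encrypted"
MAX_SUSPECT_WRITES = 3  # assumed number of such overwrites before writes are halted

def shannon_entropy(data: bytes) -> float:
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

class ShadowedStore:
    """In-memory stand-in for a file system that backs up files before each write."""

    def __init__(self, files):
        self.files = dict(files)
        self.shadow = defaultdict(dict)  # writer -> {path: content before its first write}
        self.suspect = Counter()         # writer -> count of encryption-like overwrites
        self.blocked = set()             # writers whose writes are halted

    def write(self, writer, path, data):
        if writer in self.blocked:
            raise PermissionError(f"{writer}: writes halted")
        old = self.files.get(path)
        self.shadow[writer].setdefault(path, old)  # backup taken before the write
        # Suspicious: readable content replaced by near-random bytes.
        if old is not None and shannon_entropy(data) >= ENTROPY_LIMIT > shannon_entropy(old):
            self.suspect[writer] += 1
        self.files[path] = data
        if self.suspect[writer] >= MAX_SUSPECT_WRITES:
            self.blocked.add(writer)
            self.rollback(writer)

    def rollback(self, writer):
        for path, original in self.shadow.pop(writer, {}).items():
            if original is None:
                self.files.pop(path, None)  # file did not exist before this writer
            else:
                self.files[path] = original

def demo():
    text = b"Quarterly report, constructed sample text.\n" * 100
    store = ShadowedStore({f"doc{i}.txt": text for i in range(5)})
    store.write("editor", "doc0.txt", b"An ordinary edit by the user.\n" * 100)
    rng = random.Random(0)  # deterministic high-entropy bytes stand in for ciphertext
    try:
        for i in range(1, 5):
            store.write("unknown.exe", f"doc{i}.txt", bytes(rng.getrandbits(8) for _ in range(4096)))
    except PermissionError:
        pass  # the fourth write is refused: the writer was blocked after three
    return store, text
```

In `demo()` the editor's ordinary change survives, while the three high-entropy overwrites are reverted and the fourth is refused.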