Completed
black hat USA 2017
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Are Cyber-Attacks on the Power Grid Limited to Nation-State Actors?
Automatically move to the next video in the Classroom when playback concludes
- 1 black hat USA 2017
- 2 Once upon a time... Understanding security and privacy for future smart cities Training and research environment
- 3 Model is there... How do you connect devices?
- 4 Accessing Setpoints From Front Panel Use buttons Over Modbus
- 5 Breaking the encryption algorithm Passcode/encrypted passcode pairs Manual cryptanalysis Chosen Plaintext Attack (CPA)
- 6 What can be done with this? Encrypted passcode is a setpoint Can change the passcode locking legitimate operators out
- 7 Responsible disclosure process We first reported this to the GE Product Security Incident Response Team in 2016 The firmware update for the affected device came out later in 2016
- 8 Mitigation GE's firmware update removes the ability to retrieve the encrypted passcode from the screen or Modbus