Explore a critical cybersecurity talk from Black Hat USA 2017 that challenges the notion that power grid attacks are limited to nation-state actors. Delve into a live demonstration of exploiting a vulnerability in a feeder management relay, showcasing its potential impact on national infrastructure. Learn about mitigation strategies, including a specific firmware update addressing the vulnerability, and gain insights into future steps for securing power infrastructure. Discover the process of breaking encryption algorithms, accessing setpoints, and the responsible disclosure process. Understand the implications of cyber-attacks on smart cities and the importance of securing critical infrastructure components.
Are Cyber-Attacks on the Power Grid Limited to Nation-State Actors?
Overview
Syllabus
black hat USA 2017
Once upon a time... Understanding security and privacy for future smart cities Training and research environment
Model is there... How do you connect devices?
Accessing Setpoints From Front Panel Use buttons Over Modbus
Breaking the encryption algorithm Passcode/encrypted passcode pairs Manual cryptanalysis Chosen Plaintext Attack (CPA)
What can be done with this? Encrypted passcode is a setpoint Can change the passcode locking legitimate operators out
Responsible disclosure process We first reported this to the GE Product Security Incident Response Team in 2016 The firmware update for the affected device came out later in 2016
Mitigation GE's firmware update removes the ability to retrieve the encrypted passcode from the screen or Modbus
Taught by
Black Hat
