Overview
Explore common flaws in Industrial Control Systems (ICS) network protocols through this comprehensive conference talk from the Hack In The Box Security Conference. Dive into the analysis of six widely used ICS protocols in critical infrastructure sectors, including power, water, transportation, petroleum, and manufacturing. Learn about the potential risks associated with both public and private ICS protocols, and discover how attackers can exploit vulnerabilities to sniff traffic without encryption and perform command or response injection attacks on Programmable Logic Controllers (PLCs) without proper authentication. Witness four attack demonstrations showcasing the significant impacts of these common flaws on ICS security. Gain insights from cybersecurity experts Mars Cheng and Selmon Yang as they discuss the importance of balancing security concerns with operational requirements in ICS environments. Explore topics such as ICS architecture, security advisories, technology matrices, and the current state of ICS security. Understand the crucial role of ICS in critical infrastructure operations and the challenges faced when implementing public and private protocols.
Syllabus
Intro
About T1 Networks
ICS Architecture
ICS Security Advisory
ICS Tech Matrix
ICS Situation
Importance of ICS
Public vs Private ICS
Open Protocols
MP3 Protocol
Things Protocol
Demonstration
Taught by
Hack In The Box Security Conference