Explore the vulnerabilities in Industrial Control Systems (ICS) and their interconnected networks in this eye-opening Black Hat conference talk. Delve into the world of low-level ICS protocols and discover how attackers can exploit these connections to compromise not only industrial processes but also higher-level systems like Plant Asset Management (PAS), Manufacturing Execution Systems (MES), and even Enterprise Resource Planning (ERP). Learn about ICSCorsair, an open hardware tool designed for auditing low-level ICS protocols, including HART FSK, Foundation Fieldbus H1, Profibus, and Modbus. Gain insights into how this versatile tool can be controlled via USB or remotely through various wireless connections. Witness demonstrations of triggering vulnerabilities such as XXE, DoS, and XSS in SCADA, PAS, ERP, and MES systems using only ICSCorsair and access to low-level ICS protocol lines. Presented by Alexander Bolshev and Gleb Cherbov, this 44-minute talk offers a comprehensive look at the potential security risks in interconnected industrial systems and the tools that can be used to exploit them.
Overview
Syllabus
ICSCorsair: How I Will PWN Your ERP Through 4-20 mA Current Loop
Taught by
Black Hat