Remote Physical Damage 101 - Bread and Butter Attacks

Explore the world of remote physical damage attacks in this Black Hat conference talk. Delve into the concept of "unexpected physics" in cyber-physical systems and learn about generic "bread and butter" attacks applicable across various scenarios. Discover how attackers can exploit common configurations of valves, pumps, and pipes to cause physical damage through purely cyber means. Examine the current state of security in process control networks and understand why defending against network intrusions alone is insufficient. Gain insights into various attack techniques, including pressure transients, water hammer heating, gravity hammer steam veld collapse, and three-phase attacks. Consider the importance of implementing physical controls to mitigate attacker effectiveness even after code execution is achieved. Use this presentation as a starting point for discussions on improving security measures in industrial control systems beyond traditional network defenses.