Explore a comprehensive conference talk on SCADA/ICS security vulnerabilities, focusing on potential threats to critical infrastructure like nuclear power plants and oil rigs. Delve into practical exploitation techniques, including a live demonstration of simulated power grid attacks. Gain insights into typical ICS architecture, security challenges, and case studies involving floating manufacturing. Learn about various attack methods such as man-in-the-middle and NTP attacks, as well as essential defense strategies like network segmentation and education. Suitable for those with general IT security knowledge, TCP/IP understanding, and basic programming skills.
SCADA - ICS Inherited Insecurity - From Nuclear Power Plants to Oil Rigs
Overview
Syllabus
Intro
What is ICS
Typical ICS Architecture
Different Systems
Is it secure
Security by obscurity
Remote clients
Tools attackers need
Case study FPSO
What is Floating Manufacturing
Air Gap Server
Transferring Files
Notepad
QR Code
Maninthemiddle Attack
NTP Attack
Improving Security
Defenseindepth
Network Segmentation
Education
Key takeaways
Questions
Taught by
RSA Conference
