Down The Rabbit Hole: Insights From ICS Vulnerability Assessments and Threat Research
iSpeech
Phil Neray and David Atch of CyberX session on the Sponsor Stage at S4x17. David goes into detail on four different ICS vulnerabilities or threats they have encountered in the last year.
6:00 Radiation Botnet ... similar but less famous than Mirai
9:00 Killdisk Malware ... including new variant
15:00 Connexium Industrial Firewall vuln ... bypass the IT/OT security perimeter
17:00 New PLC Vulns ... encoded firmware, graph technique
The PLC vulns at 17:00 was particularly interesting because they had to get past the encoding, and David discusses how they did that. David also touches on their teams use of graph algorithms to identify the probability of vulnerable code. The idea is the graph algorithms automate the reverse engineering process and allows them to put the valuable reverse engineer human resource on likely vulnerable and high value points in the code.
2017-02-08 17:31:08
source
Gloss