Presented at
DEF CON 16 (2008),
Aug. 8, 2008, 1:30 p.m.
(20 minutes).
We now live in an age where attacks on critical infrastructure will cause real world harm. An increasing global concern regarding cyber-terrorism reflects the problem critical infrastructure security poses for many large IT consulting companies, telecommunications providers, utilities and industrial companies.
SCADA networks are the foundation of the infrastructure which makes everyday life possible in most first world countries. This talk will provide an introduction to critical infrastructure environments and SCADA networks and the major differences that exist between understood security best practice and the protective measures regularly found (or not) in these networks.
The most common security mistakes will be covered, as will real world examples taken from penetration testing SCADA environments. Additionally, this talk will expose some of the potentially catastrophic consequences of a failure in a production SCADA environment. There will be an examination of the critical infrastructure hysteria which is currently in vogue and some consideration of steps which can be taken to secure these networks and prevent cyber-terrorism.
Presenters:
-
Morgan Marquis-Boire
- Principal Consultant, Security-Assessment.com
Morgan Marquis-Boire is a Principal Security Consultant at Security-Assessment.com where he specializes in Unix, forensics, and network security. He has a degree in philosophy and enjoys big kit and forgotten networks. Prior to his present incarnation as a corporate security guy, he's worked doing cluster computing, government infrastructure, Linux security appliances, and a security start-up in Japan. He has penned articles for magazines, written whitepapers, and presented at conferences around the world on a diverse range of subjects from SAN Security to Anonymous Network Technologies.
Links:
Similar Presentations: