Hacking the Smart Grid

Presented at DEF CON 17 (2009), Aug. 1, 2009, 3:30 p.m. (20 minutes)

The city of Miami and several commercial partners plan to rollout a "smart grid" citywide electrical infrastructure by the year 2011. This rollout proceeds on the heels of news that foreign agents have infiltrated our existing electrical infrastructure and that recent penetration tests have uncovered numerous vulnerabilities in the proposed technologies. Simultaneously, the National Institute for Standards in Technology (NIST) has recently released a roadmap for producing Smart Grid standards. In this Turbo Talk, I will discuss the flaws with the current guidelines and map them to the criticisms of similar regulatory mandates, including the Payment Card Industry Data Security Standard (PCI DSS), that rely heavily on organizations policing themselves.

Presenters:

• Tony Flick
  Tony Flick has been working in the Information Security field for more than 6 years. As a security consultant, Mr. Flick has assisted numerous organizations in achieving compliance with federal regulations and industry standards. His expertise includes risk management and compliance, assessments and audits, and research in emerging technologies. Mr. Flick has previously presented at the OWASP Tampa local chapter on application security concepts.

Links:

• https://defcon.org/html/defcon-17/dc-17-speakers.html#Flick
• https://infocon.org/cons/DEF CON/DEF CON 17/DEF CON 17 video and slides/DEF CON 17 - Tony Flick - Hacking the Smart Grid - Video and Slides.mp4 (Video and Slides)
• https://www.youtube.com/watch?v=EH4mvdwVWxE

Similar Presentations:

• DerbyCon 3.0 All in the Family (2013) / How the Grid Will Be Hacked
• Black Hat USA 2011 / Pentesting the Smart Grid
• DEF CON 19 (2011) / Attacking and Defending the Smart Grid