SCADA Strangelove or: How I Learned to Start Worrying and Love the Nuclear Plants

Presented at DEF CON 20 (2012)

Modern civilization unconditionally depends on information systems. It is paradoxical but true that SCADA systems are the most insecure systems in the world. From network to application, SCADA is full of configuration issues and vulnerabilities. During our report, we will demonstrate how to obtain full access to a plant via:

  • a sniffer and a packet generator
  • FTP and Telnet
  • Metasploit and oslq
  • a webserver and a browser

About 20 new vulnerabilities in common SCADA systems including Simatic WinCC will be revealed in the report.

Releases:

  • modbuspatrol (mbpatrol) - free tool to discover and fingerprint PLC
  • Simatic WinCC security checklist
  • close to real-life exploit scenario for a Simatic WinCC based plant

Presenters:

  • Sergey Gordeychik - Chief Technical Officer
    Sergey Gordeychik: The main areas of Sergey's work are the development of compliance and vulnerability management systems, practical implementation of the GRC concept, and guidance of a team of professional ethical hackers. Sergey Gordeychik has developed a number of training courses, including "Wireless Networks Security" and "Analysis and Security Assessment of Web Applications," and has published several dozen articles in various titles and a book called "Wireless Networks Security." He is the Science Editor of the SecurityLab.ru portal, a member of the Web Application Security Consortium (WASC) Board of Directors and the RISSPA Council of Experts. Sergey Gordeychik is the Director and Scriptwriter of the Positive Hack Days forum (www.phdays.com). Blog: http://sgordey.blogspot.com
  • Denis Baranov - Principal Researcher
    Denis Baranov: The main areas of Denis's work are web vulnerabilities research, source code analysis, and black SEO countermeasures. He is the author of "Modern Ways of DNS-Rebinding Exploitation". He is a frequent speaker at security conferences in Russia, including Positive Hack Days and ZeroNights. He is also a member of the PHDays CTF development team. LinkedIn: http://www.linkedin.com/pub/denis-baranov/50/681/627
  • Gleb Gritsai - Principal Researcher
    Gleb Gritsai is a leading penetration tester and principal security researcher at a Moscow-based security company. The main areas of Gleb's work are protocol security analysis, fuzzing and reverse engineering. His areas of interest also cover security of enterprise software, telecom infrastructures and smart card security. He is a member of the PHDays CTF/challenges development team. Twitter: @repdet. Blog: repdet.blogspot.com
