Taking Down the Grid

Presented at DEF CON 30 (2022), Aug. 12, 2022, 12:45 p.m. (50 minutes).

Media hype concerning ""attacks"" on the electric grid is common through multiple sources, but ignores actual vectors of concern for impacting electric services to populations. This talk will examine how cyber effects can effectively impair electric services, focusing on how cyber can leverage underlying system dependencies and opportunities to achieve outsized impacts. In addition to reviewing the most studied disruptive cyber events on electric systems (2015 and 2016 Ukraine), this talk will also explore ""near miss"" events (such as the Berserk Bear campaigns from 2017 through at least 2020) as well as recent events in Ukraine. Furthermore, we will also discuss the lessons from non-cyber events (such as the 2003 blackouts in North America and Europe, and more recent incidents) to illustrate necessary steps to effectively disabling the delivery of electric services.

As a result of this discussion, attendees will emerge with a more thorough understanding of the number of steps and actions required to overcome existing protections and redundancies in electric environments. Additionally, attendees will learn of potential shortcuts through external events and environmental factors that can enable outsized effects. Overall, this discussion will inform attendees as to the overall complexity of electric systems, and what types of actions are necessary to undermine such systems through cyber means.


Presenters:

  • Joe Slowik - Threat Intelligence & Detections Engineering Lead
    Joe Slowik has over a decade of experience across multiple facets of information security and offensive computer network operations. Currently leading threat intelligence and detection engineering work at Gigamon, Joe has previously performed cyber threat intelligence research at DomainTools and Dragos, and spent several years in both the US Department of Energy and as an Officer in the US Navy.

Similar Presentations: