Presentation Title
Attacking Critical Infrastructure: Behind the Scenes
Presentation Abstract
Critical infrastructure, or process control and SCADA security, is a hot topic, both in the security scene and in mainstream media. The industry faces a large number of threats: old-school crime (DDoS threats for extortion), information theft and espionage (Night Dragon and other APT attacks), collateral damage caused by everyday malware like Conficker and, more recently, cyberwar (Stuxnet). Organisations using process control or SCADA technology have involuntarily entered the major league of information security.
With this increased attention, just about everybody knows the story of Stuxnet. Even those of you who only knew Siemens from their phones are now almost intimate with the way in which Siemens PLCs are programmed. And because of reports like that on Night Dragon, we know espionage thrives in the oil and gas sector, and that the American power grid is under the control of unknown foreign powers.
This talk takes the audience a step further into the technical details and paints a behind-the-scenes picture. What does the architecture of your average critical infrastructure user (e.g. in oil and gas or power) look like? Which technology is common, which is not? What is common practice? All this is an attempt to enlighten the audience on the challenges facing the industry in protecting its assets against cybercrime. Topics addressed will include (the lack of) patching: how come malware created by a 16-year-old can cause almost life-threatening incidents? The dominant role of Microsoft and its protocols will also be discussed.
As part of filling the audience in on the processes and technology (not only in use in Iran), Maarten will peel off all layers of Stuxnet and explain the reason for the existence of each of Stuxnet’s components. To continue the journey, Maarten will conclude with where today’s threats are and highlight the areas and topics that will be the points of interest for both offenders and defenders.
About Maarten Oosterink
Maarten Oosterink is a managing consultant and thought leader for critical infrastructure protection at Capgemini. With a technical background starting in the era of BBSes and phreaking, Maarten started his professional career overseeing all things technical as a manager at what was then the largest web hoster in the Netherlands (Vuurwerk Internet). After this, Maarten joined the Netherlands Forensic Institute’s Digital Technology department as their BOFH. As such, he burnt Dutch taxpayers’ money on state-of-the-art network, computing and storage technology. He grew into a more operational role, participating in casework (lawful interception) and advising law enforcement and the like.
In 2005, Maarten joined Capgemini as a consultant. Since then, he has been dealing with IT infrastructure and security for clients across multiple markets. As such, Maarten has broad experience dealing with critical infrastructure. For the past few years, Maarten has been engaged with one of the oil majors, improving their process control security worldwide. His previous speaking engagements include Govcert, ENFSC and a number of closed events.