|Форум АСУ в Україні
|Attacking an ICS from the "Inside-Out": Looking at Chained E
|Сторінка 1 з 1|
|Автор:||san [ 31 травня 2016, 12:27 ]|
|Тема повідомлення:||Attacking an ICS from the "Inside-Out": Looking at Chained E|
Attacking an ICS from the "Inside-Out":Looking at Chained Exploits to Gain Access to Trusted Internal Resources
This demonstration takes a look at a real-world scenario of how an external threat would attack an industrial control system (ICS) using social engineering vectors to gain initial access to the enterprise network, and then utilize chained exploits to pivot his way through the networks, firewalls, and hosts to finalize compromise a PLC that is installed on an "supposedly isolated" network deep within the architecture.
This demonstration is based on analysis of vectors recently used by sophisticated attacks and advanced persistent threats including Stuxnet, Night Dragon, Duqu, and our long-time favorite - Conficker. The first part walks you throught the actual attack, while the second part discusses some of the many security controls that could be applied to create a defense-in-depth solution to stop similar attacks.
The information presented is based on data collected from several real-world security assessments of ICS networks and those networks that the ICS is interconnected.
|Сторінка 1 з 1||Часовий пояс UTC + 2 годин [ DST ]|
|Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group