The Primary School of ICS Security (Danijel Grah)
| February 22nd, 2020Level: Technical
Abstract:
In 2007, researchers demonstrated a proof of concept attack with damaging consequences on a physical device that could be part of critical infrastructure. Later, we witnessed Stuxnet destroying Iran’s nuclear centrifuges and cyber-attacks of critical infrastructure which came into being as far as the broader public is concerned. We also witnessed malware such as WannaCry and NotPetya. From a perspective, both were not designed to have ICS/OT capabilities but nevertheless had a devastating impact due to bad security practices. With the Ukraine blackout saga 2015 and 2016, it was proven that cyber-attacks can have an impact on the electrical grid. It is believed that 2015 no malware with ICS capabilities was used. In 2016 in terms of capabilities, the story changed as Industroyer or Crashoverride was introduced to the world. The first known malware, designed to disrupt electrical grid operations. Industrial systems and Critical Infrastructure hacking and malware made a transition from Hollywood to real life. It is time to address the security and misconceptions of ICS/OT, before we witness another disruption or destruction.
Bio:
Danijel Grah has a bachelor’s degree in computer science at the University of Ljubljana, Slovenia. He works in a Security Operation Center (SOC) as a Cyber Security Analyst at NIL. He has experience in penetration testing, security assessments, programming, consulting and research. He has a deep understanding into threats, vulnerabilities, and trends. In 2019 he got GIAC Response and Industrial Defense (GRID) certified and became GIAC board member. Apart from profession, he loves all kinds of sports.