Welcome to the Interactive Agenda for the 2016 ICS Cyber Security Conference! (View the full ICS Cyber Security Conference website here)  This agenda is currently a work in progress, please check back often as our team is making upates DAILY. (You can register for the conference here)
Tuesday, October 25 • 2:15pm - 3:00pm
Hacking the Bakken: Attacks on Kelly and Top Drive Oil Rigs

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

This talk will go into detail about how drilling systems communicate and some of the attacks that could be performed on a drilling rig. This includes throwing off toolface information and burning out motors in BITs, Disabling H2S and sour gas detection systems, changing survey data to cause the drilling crew to drill out of zone causing sidetrack and time drilling operations that can cost millions of dollars to a drilling rig. And finally modifying chromatograph information and mud weight causing a blow out and potentially burning a rig to the ground. Infection methods include excel files used by directional drillers and MWD staff and 3rd party’s. 

Research Background

Using a honeypot run as a disposable mail service on TOR, Weston Hecker came across custom tailored malware including several versions of SAMSAM and Cryptolocker.  In early May he came across a sample that is targeting (WITS) information “Wellsite Information Transfer Specification” and (MWD) Measure while drilling systems associated with land based drilling platforms. This lead him to do research the attack surface of a drilling rig.

avatar for Weston Hecker

Weston Hecker

Sr. Pentester & Senior Security Engineer, NCR Corporation
Weston Hecker has been pen-testing for 11 years and has 12 years of experience doing security research and programming. He is currently working for NCR Corporation. Weston has recently spoken at Blackhat 2016, Defcon 22,23 and 24, Enterprise Connect 2016, ISC2-Security Congress, SC-Congress... Read More →

Tuesday October 25, 2016 2:15pm - 3:00pm EDT
Breakout 1 (Salon 1,2,3)