Welcome to the Interactive Agenda for the 2016 ICS Cyber Security Conference! (View the full ICS Cyber Security Conference website here)  This agenda is currently a work in progress, please check back often as our team is making upates DAILY. (You can register for the conference here)
Wednesday, October 26 • 11:45am - 12:30pm
Industrial Equipment Exposed: The Rise of Industrial Vulnerabilities

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

The ICS threat landscape is expanding fast. With the rise of the Industrial IoT, and increased device connectivity, no mission-critical entity is safe. On one hand, the expansion of the Internet also makes ICS easier prey to attackers, with ICS components being available online. On the other hand, attackers can easily attain industrial products and technologies and reveal relevant vulnerabilities to exploit. Both aspects emphasize that it is getting increasingly simpler for attackers to exercise their will in industrial environments, having to invest less resources to do so.

In this session, we will provide an example which emphasizes this trend, where the CyberX research group was able to expose vulnerabilities within a leading vendor’s PLC, getting from complete obscurity to the desired end-game, while having to cope with diverse challenges. These include physical extraction of components and de-coding of the encoded firmware.

The aforementioned trend in the ICS Security eco-system leads to a flux in ICS vulnerabilities, which is part of the inevitable cat and mouse race between attackers and defenders in the ICS security domain. This race has peaked a new level, where every Industrial IoT environment is in harm's way. We will also outline the need for comprehensive threat analysis tools for the ICS industry required to mitigate the ever growing risks.

Attendee takeaways

  1. Understanding of the unique, yet attainable methods required for discovering and exploiting ICS vulnerabilities and how these facilitate the rising number of ICS cyber incidents.
  2. Industrial hacking expertise, once thought to be rare, is becoming more common knowledge.
  3. Forward thinking insights regarding the need for effective and readily available tools for the ICS industry.

avatar for David Atch

David Atch

VP of Research, CyberX
David is a highly experienced security professional with vast experience in reverse engineering and unique knowledge in malware research. During his military career in the Israel Defense Forces (IDF), Atch lead a team of programmers and reverse engineers, hunting and mitigating complex... Read More →
avatar for Nir Giller

Nir Giller

CTO and Co-Founder, CyberX
Nir Giller, Co-founder and CTO of CyberX, is a seasoned security researcher with extensive knowledge and experience in securing OT networks. Following a lengthy career, as a Team Leader and a Security System Engineer in the Israel Defense Forces (IDF) elite cyber unit, Giller brings... Read More →

Wednesday October 26, 2016 11:45am - 12:30pm EDT
Grand Ballroom