Specifically more physical security personnel, operations, management and IT need enhanced cybersecurity skills to understand the risk, enable mitigating controls, monitor for unapproved access and respond appropriately.
The common theme throughout the NERC conference was a lack of a skilled cybersecurity aware workforce to address this challenge. Luallen also stated that he has been in contact with the ICS-CERT and Allen-Bradley / Rockwell Automation for several weeks to ensure asset owner's were properly notified prior to the public release of the exploit.Ĭritical infrastructure, control systems and their cyber assets that support them continue to be in the news – from Stuxnet over two years ago to recent attacks against the Energy sector. This can be controlled by limiting remote access to the controls network as well as investigating adding a new line to the controller's logic to restrict the bit manipulation." Luallen stressed that any changes to a control environment should be sufficiently tested and validated by the asset owner's and/or vendor(s) prior to implementation. Luallen stated, "The exploit will only be successful if it can flip the bit telling the controller to fault.
Luallen also provided in the presentation mitigating controls for the exploit. As the fault occurred the train stopped and the PLC need to be manually cleared and enabled. Using a model train set to physically represent the harm that could be introduced, Luallen presented his new Metasploit module crafted in less than two hours that could fault an Allen-Bradley MicroLogix Programmable Logic Controller (PLC). Luallen’s work at DePaul University he was a co-author of a recent paper entitled, “Developing a Critical Infrastructure and Control System Cybersecurity Curriculum” accepted by the Infrastructure Security mini-track at the 2013 Hawaiian International Conference on System Sciences. Luallen serves many roles as the President of CYBATI, adjunct faculty at DePaul University, and as a certified instructor for the SANS Institute.
Its plc professional edition micrologix 1400 full#
Luallen has been researching and developing education academically and professionally for control system asset owners, CERTs and government agencies and this was the first conference with a full demonstration. Luallen, CYBATI Co-Founder and President, discussed social engineering tactics and used live demonstrations to emphasize how socially engineered trusted access can debilitate a control environment. The annual conference included keynotes and presentations from Gerry Cauley, NERC President and CEO Admiral Thad Allen, USCG (Ret.) and, Mark Weatherford, Deputy Under Security for Cybersecurity, Department of Homeland Security. Over 250 people attended the NERC GridSecCon 2012 in San Diego, CA. The conference covered topics including emerging industrial control system security issues, social engineering and spear phishing, electromagnetic pulse threats and security crisis management. The conference brought together industry and government security professionals to discuss grid security concerns, trends, and best practices. NERC hosted its second Grid Security Conference (GridSecCon 2012) on October 16-18 in San Diego.
0 kommentar(er)
