June 3, 2016 - Energy Academic Group
A View from the Grid: A Case Study in SCADA Exploitation
June 3, 2016
ME Lecture Hall
1300
Mr. Billy Rios
Founder, WhiteScope, LLC. Author, Speaker, and Serial Entrepreneur
Abstract
Supervisory control and data acquisition (SCADA) is an industrial automation control system at the core of many modern industries, including: Energy, Oil and gas, Power, Transportation, Food and beverage, Water and waste water, and Manufacturing.
SCADA systems are used by private companies and public-sector service providers. SCADA works well in many different types of enterprises because they can range from simple configurations to large, complex projects. Virtually anywhere you look in today's world, there is some type of SCADA system running behind the scenes, whether at your local supermarket, refinery, waste water treatment plant, or even your own home.
Ukraine, Dragonfly, Havex, Stuxnet… attacks against SCADA has garnered a lot of attention. How are these attacks executed? What are some of the key decision points and operational considerations that operators have to contemplate? What makes exploitation of SCADA infrastructure different from exploitation of traditional IT infrastructure? Join us as we walk through the exploitation of a SCADA deployment, covering the various stages from an operator’s perspective.
Biography
Billy is the founder of Whitescope LLC, a startup focused on embedded device security. Billy is recognized as one of the world’s most respected experts on emerging threats related to Industrial Control Systems (ICS), Critical Infrastructure (CI), and, medical devices. He discovered thousands of security vulnerabilities in hardware and software supporting ICS and critical infrastructure. He has been publicly credited by the Department of Homeland Security (DHS) numerous times for his support to the DHS ICS Cyber Emergency Response Team (ICS-CERT). Billy has worked at Google where he led the front line response for externally reported security issues and incidents. Prior to Google, Billy was the Security Program Manager at Internet Explorer (Microsoft). During his time at Microsoft, Billy led the company’s response for several high profile incidents, including the response for Operation Aurora.
Billy is a contributing author to Hacking: The Next Generation, The Virtual Battlefield, and Inside Cyber Warfare. He currently holds a Master of Science in Information Systems, an MBA, and a Masters of Military Operational Arts and Science.
POC
Dr. Daniel A. Nussbaum
Naval Postgraduate School
Principal, Energy Academic Group
Monterey CA 93943
Phone: 831-656-2387
Mobile: 831-324-3228
Email: dnussbaum@nps.edu