The S4 SCADA Security Conference
This year I was asked to come speak at S4, a conference hosted by Digital Bond every January for the past 14 years. I was scheduled to speak on the OTDay, a free day for conference attendees intended to:
"Like it or not, your critical infrastructure SCADA or DCS is running a mission critical IT network. It is time to learn how to apply the mission critical IT technology and practices to Operations Technology (OT)."
My talk, given once in the morning and once in the afternoon to a full room of folks, was titled "Tiptoe Through The Network: Practical Vulnerability Assessments in Control Systems Environments". It covered three primary areas:
- Discovery - Finding the assets on your network can be tricky, especially if you are a large organization with 10,000 or more hosts. However, in a control systems environment different segments may have a very small amount of hosts and devices, which means a new host is not a frequently occurring activity. This means being able to passively monitor the network for new hosts is important. Of course when we think of control systems environments there are concerns with network disruption (exp. on the PLCs). I covered P0f, Bro IDS, Tenable's Passive Scanner for tools. For methods of host discovery I also mentioned the ability of Nessus to pull hosts from VMware APIs and logs using Tenable's LCE.
- Vulnerability Management - Many have seen the slides on this one as part of the Vulnerabilities Exposed Webcast Series. I cover what you need to get a successful program started, including policies, procedures and scan schedules/strategies.
- Passive Vulnerability Scanning - Very much of interest to the ICS crowd! I stepped outside the boundaries and used examples such as Tivo, Nest, Wifi Treadmills and Wifi Scales as examples of how PVS can detect vulnerabilities.
The ICS Village
I got to have some fun in the ICS Village, a network of control systems, firewalls and security appliances setup for attendees to scan and hack. I ran Nessus against the entire environment (with some help from fellow Tenable employees). We generated over a gigabit of traffic on the wireless network in just over an hour, and all of my scans completed without errors. It was really a testament to how a well-tuned Nessus scan can accurately and quickly enumerate vulnerabilities. Below are some examples from the scan data:
Conclusion
S4 was a great conference and a good opportunity for people to learn about ICS security topics. The OTDay was followed by two days of in-depth technical content. If you are interested in how Tenable's products can detect SCADA related vulnerabilities, please refer to our SCADA solutions page.
Related Articles
How A CNAPP Can Take You From Cloud Security Novice To Native In 10 Steps
May 23, 2024Context is critical in cloud security. In a recent RSA presentation, Tenable's Shai Morag offered ten tips for end-to-end cloud infrastructure security.
Logs of Our Fathers
September 22, 2009<p>At USENIX in Anaheim, back in 2005, George Dyson treated us to a fantastic keynote speech about the early history of computing. You can catch a videotaped reprise of it <a href="http://www.ted.com/talks/lang/eng/george_dyson_at_the_birth_of_the_computer.html" target="_blank">here, on the TED site</a>. I highly recommend it - there's lots of interesting and quirky stuff. I managed to talk him into giving me a copy of his powerpoint file, and subsequently tracked him down and am re-posting this material with his permission.</p> <h3>November, 1951 </h3> <p style="TEXT-ALIGN: center"><a href="http://www.ranum.com/security/computer_security/papers/ur-syslogs/first_syslog.jpg" target="_blank"><img border="0" height="375" src="http://www.ranum.com/security/computer_security/papers/ur-syslogs/t/first_syslog.jpg" width="500" /></a> <br /><strong>Machine Log #1</strong></p>
ShmooCon 2009 - Playing Poker for Charity
February 12, 2009Tenable sponsored a booth at this year's ShmooCon and ran a Texas Hold'em table to help raise money for the Hackers for Charity organization. We raised close to $400 from conference attendees ...
Cybersecurity Snapshot: Many Employees Overshare Work Info with AI Tools, Report Finds, as ‘Cybersecurity Awareness Month’ Kicks Off
October 4, 2024Check out the best practices cyber agencies are promoting during Cybersecurity Awareness Month, as a report warns that staffers are feeding confidential info to AI tools. Meanwhile, a study highlights how business decisions can derail OT security. Plus, get the latest on Active Directory security, CISO salary trends and ransomware attacks!
How to Unlock Advanced IoT Visibility for Cyber-Physical Systems
October 1, 2024As the number of IoT devices deployed globally continues to rise, cyber-physical systems and business operations are exposed to greater risk. Improving asset visibility, monitoring and risk management are critical steps to preventing breaches.
Cybersecurity Snapshot: NIST Program Probes AI Cyber and Privacy Risks, as U.S. Gov’t Tackles Automotive IoT Threat from Russia, China
September 27, 2024A new NIST program will revise security frameworks like NIST’s CSF as AI risks intensify. Plus, the U.S. may ban cars with Russian and Chinese IoT components. Meanwhile, the CSA adds AI insights to its zero trust guide. And get the latest on cybersecurity budgets, SBOMs and the Ghost cybercrime platform!
- Conferences
- Nessus
- Plugins
- SCADA