While at DerbyCon this year, there were many great talks that discussed new techniques and tactics. DerbyCon is a great conference that showcases some of the best security researchers’ work. Researchers from around the world descend on Louisville, Kentucky for 3 days to showcase their work in the security realm. With topics such as Anti-Forensics, Password Cracking, and Red Teaming, the topics are diverse and have something for all levels of skill and knowledge.
As ICS Security Professionals, it is key to keep up with current ICS Security trends, as well as general security trends. Going to general security conferences such as DerbyCon is valuable because it exposes you to techniques that are being used in other sectors. As an example, attacks on a financial system could cross over to ICS systems. In the talk “Cash is King: Who’s Wearing Your Crown?” the researchers covered how they were able to steal an authenticated database session and perform queries, as well as manipulate the database tables. This type of attack may be executable against ICS systems as well, possibly even without any alteration of the attack code.
Some talks discussed devices that are used within control systems. For example, Josh Thomas briefly discussed ICS devices in “Hiding @ Depth – Exploring, Subverting and Breaking NAND Flash Memory.” As Josh discussed, this type of memory is commonly used within ICS devices. He demonstrated, on mobile phones, attacks that would overwrite the NAND. Like the mobile devices shown in the demonstrations, ICS devices with NAND may be susceptible to these types of attacks.
Much like previous years, this year had talks that were directly related to ICS environments. The talk “How the Grid Will Be Hacked” covered some scenarios in which the nation’s electric infrastructure may be attacked by hackers. At non-ICS security conferences it is good to see our fellow security professionals sit in on ICS-specific talks in order to encourage a broader understanding of current trends within the ICS Security field.
Most of the videos from the conference have been posted online here. I would recommend watching videos outside the security realms you would normally pay attention to. With so many talks on so many different topics, it is always beneficial to expand your knowledge of different security areas.
Image from DerbyCon