Fun InfoSec vid

636-555-3226636-555-3226 Member Posts: 975 ■■■■■□□□□□
Nothing surprising in here for the experienced amongst us, but it's a fun watch nonetheless.

https://www.youtube.com/watch?v=pL9q2lOZ1Fw

Comments

  • Chivalry1Chivalry1 Member Posts: 569
    Not surprised at this...SO many companies are open to threats for the sake of money hungry executives. Dev/Prod/Technical/System Admin operation groups are now moving critical systems to the Cloud where they are NOT/CANNOT be monitored by InfoSec teams. Neither are they being patched or AV being deployed.
    "The recipe for perpetual ignorance is: be satisfied with your opinions and
    content with your knowledge. " Elbert Hubbard (1856 - 1915)
  • BlackBeretBlackBeret Member Posts: 683 ■■■■■□□□□□
    So it took me a while to get past how these guys were acting. I understand the work hard, play hard mentality, but they seemed like they were just throwing random tools at everything. "Oh I look like I'm going to combat lolz"... It was hard to take them serious at anything they were doing. For those that haven't looked at or played with ICS there's a lot they left out, and a lot these guys probably didn't know either. ICS systems typically all have multiple forms of mechanical safety, electro-mechanical non-connected backups, and let's not forget about all of the stand alone systems. "I could run a single command and shut it all down". No, you can run a single command attempting to shut it down across the wire, but the PLC's are going to switch it to a local control system. Worst case you shut off a part of the distribution chain by taking physical action, then load balancers and backups from other distribution sites fail over to cover the gap. Actually, worst case you some how get in to the production environment, but all of the physical safeguards in there would make any cyber attack attempt useless.

    People think that because there's a computer on the line that it's in control, a lot more goes in to these types of systems than they know. If you want to see how an actual attack against a powergrid less robust than ours went take a look at the analysis of the attack on the Ukrainian power grid. Keep in mind their grid is less robust, it took the (assumed state-sponsored) attackers 6 months, and they took down three distribution sites for 6 hours, effecting 225,000 people (or less than 20% of San Antonio). Part of this attack involved writing custom firmware for media converters, getting them updated without anyone noticing, and coordinating multiple phases of the attack to occur simultaneously across the system.

    The guys in the video sticking rubber duckies in to unlocked computer terminals couldn't have really effected much, unless they left out the fact that one or two of them was an electrical engineer that spent time designing these networks.

    NERC
Sign In or Register to comment.