The S4 SCADA Security Conference
This year I was asked to come speak at S4, a conference hosted by Digital Bond every January for the past 14 years. I was scheduled to speak on the OTDay, a free day for conference attendees intended to:
"Like it or not, your critical infrastructure SCADA or DCS is running a mission critical IT network. It is time to learn how to apply the mission critical IT technology and practices to Operations Technology (OT)."
My talk, given once in the morning and once in the afternoon to a full room of folks, was titled "Tiptoe Through The Network: Practical Vulnerability Assessments in Control Systems Environments". It covered three primary areas:
- Discovery - Finding the assets on your network can be tricky, especially if you are a large organization with 10,000 or more hosts. However, in a control systems environment different segments may have a very small amount of hosts and devices, which means a new host is not a frequently occurring activity. This means being able to passively monitor the network for new hosts is important. Of course when we think of control systems environments there are concerns with network disruption (exp. on the PLCs). I covered P0f, Bro IDS, Tenable's Passive Scanner for tools. For methods of host discovery I also mentioned the ability of Nessus to pull hosts from VMware APIs and logs using Tenable's LCE.
- Vulnerability Management - Many have seen the slides on this one as part of the Vulnerabilities Exposed Webcast Series. I cover what you need to get a successful program started, including policies, procedures and scan schedules/strategies.
- Passive Vulnerability Scanning - Very much of interest to the ICS crowd! I stepped outside the boundaries and used examples such as Tivo, Nest, Wifi Treadmills and Wifi Scales as examples of how PVS can detect vulnerabilities.
The ICS Village
I got to have some fun in the ICS Village, a network of control systems, firewalls and security appliances setup for attendees to scan and hack. I ran Nessus against the entire environment (with some help from fellow Tenable employees). We generated over a gigabit of traffic on the wireless network in just over an hour, and all of my scans completed without errors. It was really a testament to how a well-tuned Nessus scan can accurately and quickly enumerate vulnerabilities. Below are some examples from the scan data:
Conclusion
S4 was a great conference and a good opportunity for people to learn about ICS security topics. The OTDay was followed by two days of in-depth technical content. If you are interested in how Tenable's products can detect SCADA related vulnerabilities, please refer to our SCADA solutions page.
Related Articles
How A CNAPP Can Take You From Cloud Security Novice To Native In 10 Steps
May 23, 2024Context is critical in cloud security. In a recent RSA presentation, Tenable's Shai Morag offered ten tips for end-to-end cloud infrastructure security.
Logs of Our Fathers
September 22, 2009<p>At USENIX in Anaheim, back in 2005, George Dyson treated us to a fantastic keynote speech about the early history of computing. You can catch a videotaped reprise of it <a href="http://www.ted.com/talks/lang/eng/george_dyson_at_the_birth_of_the_computer.html" target="_blank">here, on the TED site</a>. I highly recommend it - there's lots of interesting and quirky stuff. I managed to talk him into giving me a copy of his powerpoint file, and subsequently tracked him down and am re-posting this material with his permission.</p> <h3>November, 1951 </h3> <p style="TEXT-ALIGN: center"><a href="http://www.ranum.com/security/computer_security/papers/ur-syslogs/first_syslog.jpg" target="_blank"><img border="0" height="375" src="http://www.ranum.com/security/computer_security/papers/ur-syslogs/t/first_syslog.jpg" width="500" /></a> <br /><strong>Machine Log #1</strong></p>
ShmooCon 2009 - Playing Poker for Charity
February 12, 2009Tenable sponsored a booth at this year's ShmooCon and ran a Texas Hold'em table to help raise money for the Hackers for Charity organization. We raised close to $400 from conference attendees ...
Securing Financial Data in the Cloud: How Tenable Can Help
November 4, 2024Preventing data loss, complying with regulations, automating workflows and managing access are four key challenges facing financial institutions. Learn how Tenable can help.
Cybersecurity Snapshot: Apply Zero Trust to Critical Infrastructure’s OT/ICS, CSA Advises, as Five Eyes Spotlight Tech Startups’ Security
November 1, 2024Should critical infrastructure orgs boost OT/ICS systems’ security with zero trust? Absolutely, the CSA says. Meanwhile, the Five Eyes countries offer cyber advice to tech startups. Plus, a survey finds “shadow AI” weakening data governance. And get the latest on MFA methods, CISO trends and Uncle Sam’s AI strategy.
FY 2024 State and Local Cybersecurity Grant Program Adds CISA KEV as a Performance Measure
October 31, 2024The CISA Known Exploited Vulnerabilities (KEV) catalog and enhanced logging guidelines are among the new measurement tools added for the 2024 State and Local Cybersecurity Grant Program.
- Conferences
- Nessus
- Plugins
- SCADA