Exploiting Siemens Simatic S7 PLCs

Black Hat USA 2011

Presented by: Dillon Beresford
Date: Wednesday August 03, 2011
Time: 13:45 - 15:00
Location: Pompeian
Track: Embedded Exploitation

During this presentation we will cover newly discovered Siemens Simatic S7-1200 PLC vulnerabilities. I plan to demonstrate how an attacker could impersonate the Siemens Step 7 PLC communication protocol using some PROFINET-FU over ISO-TSAP and take control.

Dillon Beresford

Dillon Beresford is an independent security researcher who also works as a security analyst at NSS Labs. He has tested the world's leading Network IPS, IDS, HIPS, AV, and NGFW products. For the last few years Dillon has disclosed vulnerability advisories to US-CERT, ICS-CERT and CN-CERT. In 2011 he developed an exploit for one of the most popular high-performance production SCADA/HMI software applications in China, which is widely used in power, water conservancy, coal mining, environmental protection, defense and aerospace. In the past Dillon has presented on vulnerabilities affecting industrial control systems, embedded systems, software, and hardware. He has given presentations on a wide array of vulnerabilities primarily targeting devices and software in the People's Republic of China. His presentations have included vulnerabilities in Huawei devices running VxWorks, Beijing-based WellinTech KingView SCADA and Beijing-based NSFOCUS, Sunway, China Unicom, China Telecom, China Railcom and AVCON.
