If you haven't just emerged from a coma, you probably have some idea of the multifaceted attack surface that the inevitable modernization of power transmission and distribution is rapidly introducing.
What you may not be thinking about just yet, though, is the path much of that attack surface travels on... The air around you.
Our talk gives a crash course in the brain-melting number of wireless Smart Grid radio implementations very quickly popping up all around us (some built on actual standards, some snuggled in the comforting blanket of proprietary obscurity) and describes our own experience in reverse engineering Smart Grid radio stacks, and how it's possible to gnaw one's way through to the soft, squishy SCADA underbelly, invariably hiding just below the surface.
Along the way, we'll take a hard look at the future landscape of theft of service, point out some larger threats, and try to find a realistic middle ground between the "we're doomed" and the "let's all put our toasters on the Internet" camps in what ultimately is (warts and all) a natural and inevitable step forward.
Shawn Moyer spent four years at the Cleveland School of Metaphysics, where he met with such great success in his ontology research that the school, provably, no longer exists Following that, Shawn studied business writing with Dr. Lazlo Toth, producing a groundbreaking work linking colon frequency in email correspondence in the plastics industry to a rise in factory floor accidents Today, Shawn works as a Principal Consultant with FishNet Security's assessment team, helping customers transform critical infrastructure vulnerabilities into PDF documents.
Nathan Keltner, widely held to be the finest Nathan Keltner of his generation, once lifted a Volkswagen Jetta above his head for over thirty seconds while reciting a passage from Finnegan's Wake Though born without the capacity to see the color amber, he nonetheless developed a keen interest in technology at a young age, compensating for his disability by learning to identify the position of his PC's "turbo" button by feel alone. Nathan is a Security Consultant with FishNet Security's assessment team as well as a regular contributor to the Metasploit project, and finds Ruby's lack of indentation rules quite liberating, actually.