PLCs, Smart Meters, SCADA, Industrial Control Systems… nowadays all those terms are well known to the security industry. When critical infrastructures come into play, the security of all the systems and devices that control refineries, water treatment or nuclear plants represents a significant attack vector.
For years, the isolation of that world provided the best 'defense', but things are changing and that scenario is no longer valid. Is it feasible to attack a power plant without ever visiting one? Is it possible to hack into a Smart Meter… without having that Smart Meter? Yes, it is. This talk discusses the approach followed to do so, mixing theory and practice.
This presentation pivots around the analysis of firmware through reverse engineering in order to discover additional scenarios such as backdoors, confidential documentation or software, vulnerabilities... Everything explained will be based on real cases, unveiling curious 'features' found in industrial devices and finally disclosing some previously unknown details of an interesting case: a backdoor discovered in a family of Smart Meters.
We will navigate through the dark waters of Industrial Control Systems, where security by obscurity has ruled for years. Join us on this journey; here be backdoors…
Ruben Santamarta works as a security researcher at IOActive Labs. He has been mainly focused on offensive security and research, discovering dozens of vulnerabilities in leading software and industrial vendors, and has also worked in other areas such as malware analysis and anti-fraud technologies. During the last few years he has been researching ICS security, releasing important vulnerabilities and presenting research on very specific attacks against the power grid. Ruben has presented at international conferences such as Ekoparty, AppSecDC and RootedCon.