reghakr
Essential Member
Dillon Beresford and Brian Meixell were planning to perform a demonstration of how to attack critical infrastructure at the TakeDown Conference but cancelled after they were "asked very nicely" to refrain from providing that information. Beresford, a security analyst at NSS Labs, told CNET that he then decided that it would be "in the best interest of security" to comply with that request.
A conference organiser said that it was Siemens and the Department of Homeland Security's Link Removed - Invalid URL division which made the request. The presentation, "Chain Reactions – Hacking SCADA", was due to demonstrate how traditional exploits could be harnessed to carry weaponised malicious code and how that code could be developed without direct access to the target hardware. The Stuxnet breakout last year appears to have been the first of this kind of attack, but Beresford and Meixell were planning to show how it could be performed without the backing of a nation state.
In particular, they were going to show vulnerabilities in Siemens Programmable Logic Controllers. Link Removed due to 404 Error that ICS-CERT had been notified, given exploits and confirmed that they worked. According to Beresford, ICS-CERT said they were "far-reaching and more serious than anything they’ve ever dealt with". Siemens was notified by ICS-CERT and was working on patches, but upon seeing the researchers' presentation, Siemens realised that their mitigation would not work and requested the talk not go ahead.
Beresford's boss, NSS Labs Chief Executive Rick Moy, said that Beresford was not prevented from presenting but decided to not speak as the "vendor's proposed mitigation had failed". He added that ICS-CERT had done a "great job assisting us" and that they looked forward to Siemens addressing the issue for their customers. In a posting on Link Removed due to 404 Error Moy invited legitimate owners and operators of SCADA PLCs to contact the company for further information.
Source: Researchers cancel SCADA hack talk - The H Security: News and Features