Conference – CyberDanube
https://cyberdanube.com/en/
Being prepared is the key to success
Mon, 09 Jan 2023 09:24:40 +0000

[3 … 3] Conference – DeepSec 2022 “Faking at Level 1 – How Digital Twins Save Your PLCs”
https://cyberdanube.com/en/3-3-conference-deepsec-2022-faking-at-level-1-how-digital-twins-save-your-plcs/
Thu, 17 Nov 2022 15:40:32 +0000

3 out of 3 confirmed conference talks in 2022!

Looking back on a successful conference marathon so far. DeepSec was a blast!

DeepSec is a very specialized, technically deep-dive infosec event. CyberDanube had some really good conversations and some deep OT and IoT/IIoT discussions regarding our product MEDUSA. We got the chance to meet exciting contacts and created some future opportunities.

On top of that, we had the pleasure of talking about our main topic, “digital twins out of firmware to support e.g. security assessments”, especially for PLCs in critical environments. Now we are looking back on a successful 2022 and looking forward to further conferences like this one in 2023.

Read a short interview in advance:

DeepSec 2022 Talk: Faking at Level 1 – How Digital Twins Save Your PLCs – Thomas Weber

For those who have not had enough yet … spoiler alert – all talks are summarized in a book! As soon as it’s available, we’ll share an update on our social media channels.

Talk Content

Every year, numerous big and small incidents in industrial environments, like power plants, factories, or food supply find their way into newspapers. All those affected industries are backed by highly branched and historically grown Operational Technology (OT) networks.

A large portion of such incidents would have been avoidable if network segmentation had been done correctly and patches for user devices had been installed (which is not always possible in OT). In addition to such known problems, which also lead to the compromise of traditional IT networks, a number of unknown vulnerabilities are unfortunately also present in OT infrastructure. OT in modern factories consists of networked (and smart) devices, especially on level 1 of the Purdue model, also called the control level. Devices like PLCs, industrial routers/switches, data diodes, and more cannot be easily tested while they are in use by the factory.

Therefore, classification and monitoring solutions from different vendors are used so as not to put the running infrastructure at risk. These non-intrusive ways of getting a picture of the running infrastructure give only a partial overview of the vulnerability landscape in the OT network and cannot detect unknown vulnerabilities. Testing such expensive devices instead of using them is often not desired because of the price, and spare units must remain available, which is why those devices can’t be touched either. For this reason, digital twins – in terms of virtualization – of the devices in the factory should be created for pentesting purposes.

These twins can be built with different tools (open source/closed source) and have been used for identifying 0-days during an ongoing research project. After their creation, the virtual appliances were connected to form a full-fledged OT network that imitates a real industrial environment. Testing those virtual appliances does not harm the real infrastructure but provides a lot of valuable information about the systems in scope. This was tested in practice during engagements and has been recreated and edited for a talk, which also includes vulnerabilities that were discovered during such a test setup.

For all those who would like to see the corresponding slides of the talk(s), follow the link:

https://deepsec.net/docs/Slides/2022/

Couldn't be there?

Watch the recording on Vimeo …

[2 … 3] Conference – ITSecX “Faking at Level 1 – How Digital Twins Save Your PLCs”
https://cyberdanube.com/en/conference-itsecx-faking-at-level-1-how-digital-twins-save-your-plcs/
Fri, 07 Oct 2022 19:00:00 +0000

2 out of 3 confirmed conference talks for 2022 – this time at ITSecX. On the 7th of October the well-known cyber security conference in Austria took place – IT-Security Community Exchange (IT-SECX) at the St. Pölten University of Applied Sciences!

This year's main theme was “Cyber Defense”, with the keynote “The Law, Policy and Diplomacy of Critical Infrastructure Protection”. Since “Critical Infrastructure Protection” goes hand in hand with OT, and in particular with the use of digital twins, we are able to help outsource emulations in critical environments in order to test in-depth security and ease the way with firmware for pentesters. Therefore CyberDanube took part with another talk by Thomas Weber.
Our talk titled “Faking at Level 1 – How Digital Twins Save Your PLCs” was therefore the perfect match to expand on the requirements and possibilities regarding embedded security in critical infrastructure.

For those who couldn’t make it there, follow the link and watch the talk on YouTube.

Talk Content

Every year, numerous big and small incidents in industrial environments, like power plants, factories, or food supply find their way into newspapers. All those affected industries are backed by highly branched and historically grown Operational Technology (OT) networks.

A large portion of such incidents would have been avoidable if network segmentation had been done correctly and patches for user devices had been installed (which is not always possible in OT). In addition to such known problems, which also lead to the compromise of traditional IT networks, a number of unknown vulnerabilities are unfortunately also present in OT infrastructure. OT in modern factories consists of networked (and smart) devices, especially on level 1 of the Purdue model, also called the control level. Devices like PLCs, industrial routers/switches, data diodes, and more cannot be easily tested while they are in use by the factory.

Therefore, classification and monitoring solutions from different vendors are used so as not to put the running infrastructure at risk. These non-intrusive ways of getting a picture of the running infrastructure give only a partial overview of the vulnerability landscape in the OT network and cannot detect unknown vulnerabilities. Testing such expensive devices instead of using them is often not desired because of the price, and spare units must remain available, which is why those devices can’t be touched either. For this reason, digital twins – in terms of virtualization – of the devices in the factory should be created for pentesting purposes.

These twins can be built with different tools (open source/closed source) and have been used for identifying 0-days during an ongoing research project. After their creation, the virtual appliances were connected to form a full-fledged OT network that imitates a real industrial environment. Testing those virtual appliances does not harm the real infrastructure but provides a lot of valuable information about the systems in scope. This was tested in practice during engagements and has been recreated and edited for a talk, which also includes vulnerabilities that were discovered during such a test setup.

For more information, download the lectures and/or watch the recording on YouTube.

https://itsecx.fhstp.ac.at/archiv/it-secx-2022/vortraege

Couldn't be there?

For all those who could not make it live, you can watch the recording on YouTube.

HITB2022 Singapore conference impressions and post-review
https://cyberdanube.com/en/1-3-hitb2022-singapore-conference-faking-at-level-1-how-digital-twins-save-your-plcs/
Sat, 27 Aug 2022 08:00:44 +0000

Conference 1 of 3 for this year… Starting with the first international one in Singapore – here are a few post-thoughts and insights to share.

By the way – if you missed the topic itself, here is the link to the program: conference.hitb.org/faking-at-level-1-how-digital-twins-save-your-plcs/

#HITB2022SIN // day 1

The conference started with a thrilling keynote about thousands of insecure things and xIoT, and went on with talks about fuzzing of MCUs, kernel module exploitation and API security.
A lunch break with a great meetup in the main area led to a lot of worthwhile sharing of experience regarding different security testing methods.
After lunch, security experts talked about endpoint protection, OT (in)security and partially undisclosed security vulnerabilities.
At the speakers' dinner at Lau Pa Sat, specialties like smoked fish in bamboo leaves and spicy stingray were served. That evening we drank Tiger Beer.
Discussions about vulnerabilities, hobbies and domain habits between the speakers rounded off the topics.

#HITB2022SIN // day 2

Day 2 opened with a keynote about espionage and rifle hacking. Implementation details of RF electronics hacking were presented, and besides the presentations (main track and commsec) there was a group of people with “car hacking” on their agenda; their demonstrations gave some very useful insights into automotive security.

Overall, stickers and sweets were always present at Hack In The Box, as well as free coffee and beer (after 5pm). And probably the most important fact: Dhillon gave his best as a DJ; he took care of good music all the time, which was good preparation for the conference after-party.

#HITB2022SIN // sum it up!

All in all – a very successful start to the conferences for us as CyberDanube – many new topics on our list, useful contacts and some acquaintances, and who knows? Maybe one or the other contact to tie up other topics and projects.

One thing is for sure – HITB, we’ll see you again next year!

[1 … 3] Conference – HITB2022 Singapore “Faking at Level 1 – How Digital Twins Save Your PLCs”
https://cyberdanube.com/en/conference-hitb2022-singapore-faking-at-level-1-how-digital-twins-save-your-plcs/
Thu, 25 Aug 2022 08:00:25 +0000

1 out of 3 confirmed, upcoming conference talks for 2022 – guess where – in Singapore, at Hack In The Box (HITB). On our list: the topic of digital twins and how they are going to secure the OT environment. We are looking forward to OT, embedded and industry security on the 25th of August.

Talk Content

Every year, numerous big and small incidents in industrial environments, like power plants, factories, or food supply find their way into newspapers. All those affected industries are backed by highly branched and historically grown Operational Technology (OT) networks.

A large portion of such incidents would have been avoidable if network segmentation had been done correctly and patches for user devices had been installed (which is not always possible in OT). In addition to such known problems, which also lead to the compromise of traditional IT networks, a number of unknown vulnerabilities are unfortunately also present in OT infrastructure. OT in modern factories consists of networked (and smart) devices, especially on level 1 of the Purdue model, also called the control level. Devices like PLCs, industrial routers/switches, data diodes, and more cannot be easily tested while they are in use by the factory.

Therefore, classification and monitoring solutions from different vendors are used so as not to put the running infrastructure at risk. These non-intrusive ways of getting a picture of the running infrastructure give only a partial overview of the vulnerability landscape in the OT network and cannot detect unknown vulnerabilities. Testing such expensive devices instead of using them is often not desired because of the price, and spare units must remain available, which is why those devices can’t be touched either. For this reason, digital twins – in terms of virtualization – of the devices in the factory should be created for pentesting purposes.

These twins can be built with different tools (open source/closed source) and have been used for identifying 0-days during an ongoing research project. After their creation, the virtual appliances were connected to form a full-fledged OT network that imitates a real industrial environment. Testing those virtual appliances does not harm the real infrastructure but provides a lot of valuable information about the systems in scope. This was tested in practice during engagements and has been recreated and edited for a talk, which also includes vulnerabilities that were discovered during such a test setup.

More information on: conference.hitb.org/faking-at-level-1-how-digital-twins-save-your-plcs/

What's next?

We are looking forward to some spotlights, lots of cyber security enthusiasts, good conversation and maybe some post-conference beer.

For more information and tickets, see: HITBSecConf2022 – Singapore Website
