The last several years has seen a rapid growth in critical infrastructure cyber security. Within this domain, the issue related to SCADA and process control have received much attention. As a follow on to last years session that was an introduction to cyber security and industrial control systems, this briefing will extend the material to look at vulnerabilities and test results in the industrial automation and SCADA realm. Topics covered will include:
- Overview of common vulnerabilities in SCADA/ICS
- Examples of how open source data can be used to build target folders
- Geo locating resources and cross-sector security concerns
- Analysis of results from in-house testing of control systems
- Discussion of results from a national scan of identified resources (Nation not named)
- Analysis of SCADA/ICS traffic on the internet (where it really shouldn’t be)
*these topics may change slightly depending on availability of data at time of briefing