Upcoming talk @CS3STHLM – Operator Jail Breakouts

BySecudea September 6, 2018

In a few weeks I’ll be giving a talk together with Frank Lycops ( https://asvalis.com) on the hidden dangers of Operator Jail breakouts, how to test these issues, and how to prevent them. The talk will be provided at the CS3sthlm conference in Sweden (https://cs3sthlm.se/).

A brief summary of what to expect:

Operator stations are today one of the first systems/stations to interact with a distributed control system (DCS) or other industrial control systems. These operator stations often have some protection built in to restrict what the operator can do within the SCADA software and/or on the operating system itself.

Within this presentation, some of the most (easily) discovered ways are shown/explained and how these can be (ab)used to gain a further foothold within the environment.

The audience will learn more on the shortcomings of most of the operator jail solutions and what could be done to step up this game to secure this properly. Key takeaways obtained by the audience through this presentation is that you cannot trust operator jails in the thought that it properly protects attackers from gaining access to the operating system itself and thus potentially exploiting the whole DCS environment.

Make sure to drop by if you have the chance!

FAT/SAT | ICS | Security Testing

Practical side of FAT/SAT testing

December 30, 2024December 31, 2024 FAT/SAT, ICS, Security Testing

While listening to one of the talks at the ISC-CPH conference back in 2022, I realized that nobody is talking about the practical side of performing cyber security tests in a FAT/SAT testing approach. It…

ICS | Security

ISC-CPH November 2024 – Day 2

December 30, 2024December 31, 2024 ICS, Security

@Robert Valkama, Fortum & @Mikko Kenttälä, SensorFu – leaks & OT Security – Reap process improvements from Network leaks A good network monitoring will be able to verify if the network segmentation is done properly…

ICS | SCADA | Security

Resources to get into #ICS security

August 8, 2022 ICS, SCADA, Security

Recently I received some questions on what resources I would recommend within the ICS security space to learn more about this. So the question was more specifically about discussion groups, courses, books, certificates and so…

FAT/SAT | ICS | SCADA | Security | Security Testing

using IEC62443-2-4 to reach a more secure ICS – Vendor validation

January 5, 2021 FAT/SAT, ICS, SCADA, Security, Security Testing

Every ICS environment will sooner or later have to deal with updates, upgrades or additions to the control system environment. Nowadays it is important to include security within such projects, although that is still sometimes…

ICS | SCADA | Security

Operator Jail breakout

October 28, 2019 ICS, SCADA, Security

In 2018, I gave a presentation at the CS3STHLM conference together with Frank Lycops on Operator Jail breakouts. Operator Jails are meant to prevent process operators from having access to the underlying operating system (OS),…

Collaboration | ICS | SCADA | Security

Collaboration Network extended

April 1, 2019 Collaboration, ICS, SCADA, Security

After having established a good and close cooperation between Secudea, Onrix and Asvalis, it was time to expand the portfolio of combined services. This is why the collaboration network has been extended with Corelan Consulting…

Similar Posts