OUR SOLUTION
Ironclad Operational Data Integrity

OUR SOLUTION
Ironclad Operational Data Integrity

'Look mom! No vulns!”: Attacking Smart Systems By Faking Signals, No 0-Days Required. - Michael Shalyt


(45 mins) Michael Shalyt, Head of Product and Red Team, Aperio. As the world becomes increasingly Smart, we rely more and more on remote sensor data to be our eyes and ears. From the cameras used by security guards at a bank to the turbine RPM sensor used by control room operators at a power plant. Both humans and algorithms make decisions based on this data, all day, everyday. But what if that information is wrong? What if an attacker manipulates the decision makers (be it man or machine) into doing the wrong thing? An intelligent adversary can wreak havoc on a Smart system by faking sensor information, thus creating an illusion of a false state. The lie can hide malicious activity by simulating a normal system state, or even worse: fooling the system into damaging itself. In this talk we’ll discuss several real life scenarios of damage done by state awareness failure, from statewide blackouts to traffic jams. We’ll talk about the unique fingerprint of every physical process and state - and see a demonstration distinguishing 2 identical motors. Then we’ll use this technique to detect synthetic and fake data by “reading between the lines” of the signal. Finally, we’ll show a live SCADA attack demonstration from our lab that hides the damage it’s causing from the control room operators and demonstrate how such an illusion can be broken using intelligent algorithms.

FAST FACTS

Solutions deployed at critical infrastructure sites across EMEA

Solutions deployed at critical infrastructure sites across EMEA

Certified OSIsoft Partner

Certified OSIsoft Partner

2017 Gartner Cool Vendor, Digitalization through Industry 4.0

2017 Gartner Cool Vendor, Digitalization through Industry 4.0

Free Electrons 2017 Cohort, Most Innovative Energy Startup

Free Electrons 2017 Cohort, Most Innovative Energy Startup

Winner 2017 Cyber Defense Magazine InfoSec Award

Winner 2017 Cyber Defense Magazine InfoSec Award

Winner 2017 CyberTech Startup Challenge

Winner 2017 CyberTech Startup Challenge

FAST FACTS

Solutions deployed at critical infrastructure sites across EMEA

Solutions deployed at critical infrastructure sites across EMEA

Certified OSIsoft Partner

Certified OSIsoft Partner

2017 Gartner Cool Vendor, Digitalization through Industry 4.0

2017 Gartner Cool Vendor, Digitalization through Industry 4.0

Free Electrons 2017 Cohort, Most Innovative Energy Startup

Free Electrons 2017 Cohort, Most Innovative Energy Startup

Winner 2017 Cyber Defense Magazine InfoSec Award

Winner 2017 Cyber Defense Magazine InfoSec Award

Winner 2017 CyberTech Startup Challenge

Winner 2017 CyberTech Startup Challenge