Introducing a gripping presentation
to be given by Cliff Martin, Principal Engineer, BAE Systems Submarines, at our “Smart way to Industry 4.0 with PROFINET Based Technologies” series of seminars to be held in Coventry and London this March.
On 29th August 2017, a Saudi Aramco employee uploaded a file to the online malware canning site Virus Total; on the 22nd of December, a Schneider Electric Employee would do the same with a second file. Both uploads would go unnoticed for weeks before it became public knowledge that between them, they constitute one of the most dangerous and complex threats to industrial systems ever.
Fast forward to today and the Schneider Electric upload has since been removed on request, but the damage is thought to be done; the parent malware TRISIS/TRITON still remains one of the most complex malware reverse engineering challenges ever.
Safety and Security are becoming more demonstrably linked with each attack on industrial control & automation systems made public. TRISIS was the first published attack made squarely against safety systems, but defending against such attacks is no mean feat.
There has been a large volume of reporting on TRISIS, but it is important to highlight the considerations required, at an organisational level, to treat risks like this; In addition to this, the VT uploads and subsequent removal suggest that the IR process was less than easy.
TRISIS offers us an opportunity to consider our own approaches to Incident Handling.
This talk will attempt to illustrate the close link between both safety and security, as well as the reasons they should remain distinct and separated efforts; the speakers will discuss case studies that relate to security incidents with safety impact, discuss practices that may be adopted in this space, before opening a discussion on the means for maintaining effective security and safety programs that neither overlap, nor underlap each other.
This talk is aimed at those with an interest in Operational Technology security; whilst it will be open to a range of knowledge and abilities, the emphasis is towards the simple, basic concepts that are often found wanting in relation to cyber-attacks in the industry.