PIPEDREAM - Most Flexible & Capable ICS Malware To Date
Рет қаралды 9,263
Күн бұрынRob Lee, founder and CEO of Dragos, gives the opening keynote of S4x22 Day 2 on the ICS malware they call PIPEDREAM. The first third of the keynote focuses on what this means for asset owners and how they should react. Who should prioritize threat hunting ("you don't get to vote if you are a target")?
The remainder of the talk is on the malware itself and a bit on mitigations. The PLC Proxy capabilities is particularly interesting. Even if you have heard about INCONTROLLER/PIPEDREAM before you will find this a worthwhile watch.
@believe_it712 2 жыл бұрын
Haha love the final part message to the adversaries
@tonio071273 2 жыл бұрын
Great mapping of Pipedream along Purdue and MITRE, thx Mr. Lee!🙌
@aryamarga108 Жыл бұрын
Also a very good point by Robert in regards to predicting threat actors' targeting. It's a waste of time to debate whether you are likely to be targeted or not. Focus on deploying robust security controls and always be prepared for the unexpected.
@aryamarga108 Жыл бұрын
Schrodinger ICS, haha. Good point to invest more in detection and response as opposed to concentrating all resources on prevention.
@aryamarga108 Жыл бұрын
Lateral movement monitoring. Not just what comes in and goes out.
@HexaSquirrel 2 жыл бұрын
Great talk, Rob!
@aryamarga108 Жыл бұрын
These threat actors are really organized. I didn't know there were separate groups that specialized in access or the activity in itself.
@fredericoferreira5581 2 жыл бұрын
Great talk
@aryamarga108 Жыл бұрын
Very interesting that Dragos does not do attribution unless it affects the incident response process. It seems like an efficient way to approach things given that the priority should be to formulate how to properly defend the systems at hand.
@ranikehat3913 2 жыл бұрын
Great Talk
@The-Blind-Witch 2 жыл бұрын
Are you certain the adversaries' tradecraft error wasn't intentional as a warning signal from the adversary nation state to the USA?
AnythingAlexia
Рет қаралды 26 МЛН
SmashCrush! Arabic
Рет қаралды 37 МЛН
David Bombal
Рет қаралды 96 М.
DEFCONConference
Рет қаралды 2,9 М.
Brother-live_mob
Рет қаралды 1,7 МЛН
Nir Gaming
Рет қаралды 6 МЛН