Company to showcase series of research centered on math,
physics, advanced technology, and SCADA
IOActive, Inc. (http://www.ioactive.com), the worldwide
leader in research-driven security services, today announced it is
lighting up Las Vegas with thirteen groundbreaking presentations at
the annual Black Hat (https://www.blackhat.com/us-15/) and DEF
CON (https://www.defcon.org/html/defcon-23/dc-23-index.html)
security conferences.
IOActive will showcase a series of talks and activities centered
on math, physics, advanced technology, and SCADA. These talks
follow the call to action it issued earlier this year for Smart
Cities to take a more active role in protecting citizens. The
company will also present demos to show how silicon chip hacking is
critical to protecting the future of Smart Cities.
In addition to the sessions at Black Hat, IOActive will host a
cocktail
reception (http://www.ioactive.com/alerts/ioasis-las-vegas-2015.html)
at the House of Blues in Mandalay Bay on Wednesday, August 5,
featuring DJ Alan Alvarez hitting the decks and violin.
On Friday, August 7, the company will host its annual
IOAsis (http://www.ioactive.com/alerts/ioasis-las-vegas-2015.html)
sanctuary at Bally’s during DEF CON. The IOAsis provides a unique
opportunity for in-depth discussions with IOActive’s top
researchers and hands-on demos of upcoming IOActive Labs
research.
Finally, after a two-year hiatus, IOActive is bringing back its
renowned DEF CON party in the form of FreakFest
2015 (http://www.ioactive.com/alerts/ioasis-las-vegas-2015.html)
on Saturday, August 8, at Bally’s Blu Pool.
Overview of Briefings at Black Hat and DEF CON:
· Remote
Exploitation (http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/)
of an Unaltered Passenger Vehicle
By Chris Valasek, director of vehicle security research for
IOActive, and Charlie Miller, security engineer for Twitter Black
Hat: August 5, 2015 at 15:00
(https://www.blackhat.com/us-15/briefings.html#chris-valasek)DEF
CON: August 8, 2015 at 14:00
(https://www.defcon.org/html/defcon-23/dc-23-speakers.html#Miller)Although
the topic of automotive hacking is often discussed, the details of
successful attacks, if ever made public, are non-comprehensive at
best. In this talk, Chris and Charlie will reveal the reality of
car hacking by demonstrating exactly how a remote attack works
against an unaltered, factory vehicle.
· Switches get Stitches
By Colin Cassidy, security consultant for IOActive, Eireann
Leverett, and Robert Lee Black Hat: August 5, 2015 at 15:00
(https://www.blackhat.com/us-15/briefings.html#colin-cassidy)DEF
CON: August 8, 2015 at 16:00
(https://www.defcon.org/html/defcon-23/dc-23-speakers.html#Cassidy)This
talk will introduce Industrial Ethernet Switches and their
vulnerabilities. These are switches used in industrial
environments, like substations, factories, refineries, ports, or
other homes of industrial automation. In other words, DCS, PCS, ICS
& SCADA switches.
Not only will vulnerabilities be disclosed for the first time,
but the methods of finding those vulnerabilities will be shared.
The researchers will also be providing live mitigations that
owner/operators can use immediately to protect themselves.
· Remote Physical Damage 101 – Bread and Butter
Attacks
By Jason Larsen, principal security consultant for IOActive
Black Hat: August 6, 2015 at 09:00
(https://www.blackhat.com/us-15/briefings.html#jason-larsen)It
is possible to physically damage equipment through purely cyber
means. Most of the time the attacker takes advantage of something
specific to the CyberPhysical System (CPS) being targeted. As an
example, mixing in a cleaning agent during a production cycle can
cause an unwanted chemical reaction. Attacking software has been
described as "unexpected computation." Attacking a process is all
about "unexpected physics." In this talk, Larsen will demonstrate
various forms of physical attacks to help stimulate discussion on
how an attack can be mitigated after code execution is already
achieved.
· Rocking the Pocket Book: Hacking Chemical Plant for
Competition and Extortion
By Jason Larsen, principal security consultant for IOActive, and
Marina Krotofil, senior security consultant, European Network for
Cyber Security DEF CON: August 7, 2015 at 18:00
(https://www.defcon.org/html/defcon-23/dc-23-speakers.html#Krotofil)This
session should be considered a master class on complex physical
hacking. The presentation will simulate a plant for vinyl acetate
production and demonstrate a complete attack, from start to end,
directed at persistent economic damage to a production site, while
avoiding attribution of production loss to a cyber-event. Such an
attack scenario could be useful to a manufacturer aiming at putting
competitors out of business or as a strong argument in an extortion
attack. Exploiting physical processes is an exotic and
hard-to-master skill with a high barrier to entry. To help the
community master new skills, Larsen and Krotofil will explain the
“Damn Vulnerable Chemical Process,” the first open source framework
for cyber-physical experimentation based on two realistic models of
chemical plants.
· Subverting Satellite Receivers for Botnet and Profit
By Sofiane Talmat, senior security consultant for IOActive Black
Hat: August 5, 2015 at 17:30
(https://www.blackhat.com/us-15/briefings.html#sofiane-talmat)New
generation Set Top Boxes (satellite receivers) are embedded Linux
boxes offering all the features of any Linux-based machine,
including wireless and network connectivity. This has allowed
hackers to crack most satellite DVB-CA encryption schemes promoting
the apparition of a parallel black market for pay TV subscription
at very low cost. Talmat will present a practical attack that
exploits human weakness, satellite receiver design, protocols, and
subscription mechanisms. He will also describe a similar attack
that was conducted some years ago using a backdoor within a CCCAM
protocol provider.
· Abusing XSLT for Practical Attacks
By Fernando Arnaboldi, senior security researcher for IOActive
Black Hat: August 6, 2015 at 15:50
(https://www.blackhat.com/us-15/briefings.html#fernando-arnaboldi)DEF
CON: August 8, 2015 at 14:00
(https://www.defcon.org/html/defcon-23/dc-23-speakers.html#Arnaboldi)Over
the years, Extensible Markup Language (XML) has been a rich target
for attackers due to flaws in its design as well as
implementations. It is a tempting target because it is used by
other programming languages to interconnect applications and is
supported by web browsers. This talk will demonstrate how to use
XSLT to produce documents that are vulnerable to new exploits. This
presentation includes proof-of-concept attacks demonstrating XSLT’s
potential to affect production systems, along with recommendations
for safe development.
· Beyond the Scan: The Value Proposition of Vulnerability
Assessment
By Damon Small, managing consultant for IOActive DEF
CON: August 6, 2015 at 14:00
(https://www.defcon.org/html/defcon-23/dc-23-speakers.html#Small)Vulnerability
assessment is regarded by some as one of the least ‘sexy’
capabilities in information security. However, it is a key
component of any successful infosec program, and is often
overlooked. In this talk, Small will explore how vulnerability
assessments can be leveraged ‘Beyond the Scan’ and provide tangible
value to not only the security team, but the entire business that
it supports.
Overview of Village Talks at DEF CON:
· Brain Waves Surfing - (In)security in EEG
(Electroencephalography) Technologies
By Alejandro Hernandez, senior security consultant for IOActive
DEF CON: August 8, 2015 at 19:00, Bio Hacking Village
Electroencephalography (EEG) is a non-invasive method used to
record and study electrical activity of the brain taken from the
scalp. The source of these brain signals is mostly the synaptic
activity between brain cells (neurons). EEG activity is represented
by different waveforms per second (frequencies) and can be used to
diagnose or monitor health conditions such as epilepsy, sleeping
disorders, seizures, and Alzheimer disease. Brain signals are also
used for many other research and entertainment purposes, such as
neurofeedback, arts, and neurogaming. Alejandro will provide a
brief introduction of Brain-Computer Interfaces (BCIs) and EEG to
help attendees to understand the risks involved in brain signal
processing, storage, and transmission.
· The Grid: A Multiplayer Game of Destruction
By Kenneth Shaw, senior security consultant for IOActive DEF
CON: August 9, 2015 at 12:00, ICS Village Kenneth
introduced "The Grid: A Multiplayer Game of Destruction" this year,
and now he will teach attendees how to play it! The game is
composed of compromised portions of an electric grid, which players
can control with the end goal of destroying parts of the electric
grid system. It will require cooperation or cunning from players to
bring it down. He will explain the details of how the game was
created, how realistic the simulations are, and what a
well-positioned attacker could hope to achieve. Additionally,
Kenneth will discuss IOActive’s research in the area and
demonstrate required compromised nodes for system failure,
resonances, and more!
· Security and the New Generation of Set Top Boxes
By Sofiane Talmat, senior security consultant for IOActive DEF
CON: August 8, 2015 at 14:00, IoT Village New
generation Set Top Boxes (satellite receivers) are embedded Linux
boxes that have joined the IoT primarily for Internet Protocol
Television (IPTV) and cardsharing for pay TV channel decryption.
Sofiane will talk about design flaws, protocols, modules, and
plugins for cardsharing and IPTV. He will focus on the technical
aspects of reverse engineering protocols, cardsharing plugins, and
satellite receiver software, identifying vulnerabilities in the
satellite receiver box and remote IPTV service accessible by the
DVB receiver. For more information on sessions and events, and to
RSVP for any IOActive activities, please visit:
http://www.ioactive.com/alerts/ioasis-las-vegas-2015.html
About IOActive
IOActive is the industry’s only research-driven, high-end
information security services firm with a proven history of better
securing our customers through real-world scenarios created by our
security experts. Our world-renowned consulting and research teams
deliver a portfolio of specialist security services ranging from
penetration testing and application code assessment to chip reverse
engineering across multiple industries. IOActive is the only
security services firm that has a dedicated practice focusing on
Smart Cities and the transportation and technology that connects
them. Global 500 companies across every industry continue to trust
IOActive with their most critical and sensitive security issues.
Founded in 1998, IOActive is headquartered in Seattle, US, with
global operations through the Americas, EMEA, and Asia Pac
regions. Visit www.ioactive.com for more information. Read
the IOActive Labs Research Blog: http://blog.ioactive.com. Follow
IOActive on Twitter: http://twitter.com/ioactive.
This information was brought to you by Cision
http://news.cision.com
View source
version on businesswire.com: http://www.businesswire.com/news/home/20150729005815/en/
IOActive, Inc.Craig BrophyGlobal PR Manager,E: PR@ioactive.comT:
+1 206 784 4313