vCampus Live! 2011 is right around the corner: in less than a month (on Nov. 30th and Dec. 1)  we will have our event at the Palace Hotel in San Francisco.

 

Many of you already registered, if you have not: Check out the agenda and the abstracts. This year we will have 3 tracks of hands-on sessions, and one track of presentations. We also have Vox Pop sessions, Roundtable discussions and the Developers Lounge.

 

We are very happy with two new security presentations on track 4 by Joel Langill from ScadaHacker.com. Check out his website and blog: the aim of scadahacker.com is to bring security information to those involved in Industrial  Control Systems in a simple and easy to undertand manner.

 

Joel has worked for more than 25 years in the industrial automation and control industry. Joel's unique approach to security emphasizes the processes and people used to implement security programs, rather than relying solely on technology or "products".  The best strategy for comprehensive security balances People, Processes and Products.   His perspective has been sought and cited by numerous industry publications focused on both industrial automation and information security.  Most recently he has played a central role in the analysis and implications of the Stuxnet worm, including new methods of mitigating current and future attacks on critical infrastructure.

 

Joel is also the Director of Critical Infrastructure and SCADA representative for the Cyber Security Forum Initiative, where he was a lead contributor to a report on the use of could in cyber warfare.  He is a Certified Ethical Hacker, Certified Penetration Test, Cisco Certified Network Associate, and TüV Functional Safety Engineer. 

 

He will be presenting two presentations on Track 4

How Stuxnet Spreads (30 mins. Track 4, Day 1 04:15 pm - 06:00 pm block)

The Stuxnet worm is a sophisticated piece of computer malware designed to sabotage industrial assets. The worm used both known and previously unknown vulnerabilities to install, infect and propagate, and was powerful enough to evade state-of-the-practice security technologies and procedures, including firewalls, authentication, and anti-virus software to name a few.

 

Since the discovery of Stuxnet, there has been extensive analysis of Stuxnet’s internal workings. What has not been discussed is how the worm might have migrated from the outside world to supposedly isolated and secure industrial control systems (ICS). Understanding the routes that a directed worm takes as it targets an ICS is critical if these vulnerable pathways are to be closed for future worms.

 

This presentation is meant to provide a summary of how modern day cyber threats may work their way through even the most protected networks. It also takes a look at what can be learned from the analysis of pathways in order to prevent infection from future worms - whether targeted or not. If the systems that control critical infrastructure are to remain safe and secure, then owners, operators, integrators, and vendors need to recognize that their control systems are now the target of sophisticated attacks. Improved defense-in-depth postures for industrial control systems are needed urgently. Waiting for the next worm may be too late.

Network Architecture and Active Directory Considerations for the PI System (30 mins. Day 1 Track 4, 04:15 pm - 06:00 pm block)

 

 

Security standards for industrial control systems (ICS) generally emphasize network segregation between corporate information and automation networks. Typical PI System information flow requires connection with data sources and potentially users residing on automation networks. Careful consideration should be given to network design and Active Directory implementation.

 

Active Directory is very flexible and scalable but can be quite complex in a large enterprise. While there may not be a one size fits all approach this presentation will highlight common do’s and don’ts related to PI System deployment with Active Directory. It will also provide insight into new features that can help improve user authentication throughout the architecture without compromising security within any particular network zone or communication segment.

 

Please do not forget to register, seating on the hands-on sessions is limited!