Title:
Attacking ICS from a Malware Analyst Perspective
Abstract:
Critical Infrastructure (CI) hacking has long been a setting for disaster thrillers such as Die Hard 4. We frequently hear rumors of hackers hired by terrorists or activists to threaten utilities, oil and natural gas companies, or governments for monetary or political ends. Since the Stuxnet incident, sophisticated cyber warfare has become a reality that challenges the traditional assumption that SCADA systems are immune to cyber-attacks. The more recent Havex malware has shown that SCADA environments cannot even prevent malicious activity that does not target the PLCs themselves. We often cannot even tell whether a CI service disruption originated from a cyber-attack or from ineffective IT systems management. Forensics on SCADA systems has been discussed only at a conceptual level, and no tool is available to help cyber forensics professionals perform a proper investigation.