How We Cost Our Client £1.2M with 4 lines of code and less than 2 Hours ($2M)

August 10, 2018 2:30 PM

Hacking SCADA, or more commonly ICS is serious business - unlike other areas of offensive security one mistake can cost lives. Mike and Matt will present their ICS research which was carried out at one of the UKs top Industrial training facilities, walk through caveats, protocols and show some demos. They will also show how one can start researching industrial systems safely and cover what one needs to know to not get someone killed. They will also share the story and method behind how they cost a company £1.2M+ ($2M+) in lost earnings in under 5 seconds with only 4 lines of code. We will not be showing exploit code as we believe given what's at stake, it's highly irresponsible, but what we will do is give responsible researchers the knowledge they need to get involved and start helping to secure critical infrastructure. We’ll also show process, insight and what exploiting this kit actually means.

Speaker Information

Panelist Information

Mike Godfrey

INSINIA

Mike Godfrey is a Network Specialist and Ethical Hacker with over 20 years experience in building and breaking computers. He has enjoyed a successful career in Information Technology, having qualified in Cisco CCNA (Network Associate) over 10 years ago and going on to work on some of the countries largest technological infrastructure. Mike is qualified and experienced in IT but is also a qualified Electro-technical / Electro-mechanical Engineer, specialising in hardware exploitation. Mike’s qualifications and experience have led to INSINIA becoming the only Gas Safe Registered Cyber Security Company in the UK, allowing it to test industrial process and building infrastructure in a unique way. Mike’s skills have also led to the design and production of a range of new products and services, including securing the hardware and fabric of buildings and identifying key vulnerabilities within the buildings “PowerLine” (230V circuit), which can allow an attacker to exfiltrate information undetected, as well as discovering vulnerabilities in key industrial gas systems and controls. Mike was the first ethical hacker to successfully hack Trend’s 963 BMS system back in 2006, the Sentry Safe with a magnet and a sock in 2014, the Philips Hue smart home system in 2017 and many more.