DEF CON 29 ICS Village - Sharon Brizinov, Uri Katz - Down Exploiting Vulnerabilities In the OT Cloud
About this talk
We researched the exploitability of cloud-based management platforms responsible for monitoring industrial control systems (ICS), and developed techniques to exploit vulnerabilities in automation vendor CODESYS’ Automation Server and vulnerabilities in the WAGO PLC platform. Our research mimics the top-down and bottom-up paths an attacker would take to either control a Level 1 device in order to eventually compromise the cloud-based management console, or the reverse, commandeer the cloud in order to manipulate all networked field devices.
Topics covered
Stay Updated
Get notified about new features and conference additions.
