BruCON 0x0A has ended
Back To Schedule
Friday, October 5 • 11:00 - 12:00
Operator Jail Breakout

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Operator stations are today one of the first systems/stations to interact with a distributed control system (DCS) or other industrial control systems. These operator stations often have some protection built in to restrict what the operator can do within the SCADA software and/or on the operating system itself.

Within this presentation, some of the most (easily) discovered ways are shown/explained and how these can be (ab)used to gain a further foothold within the environment.

The audience will learn more on the shortcomings of most of the operator jail solutions and what could be done to step up this game to secure this properly. Key takeaways obtained by the audience through this presentation is that you cannot trust operator jails in the thought that it properly protects attackers from gaining access to the operating system itself and thus potentially exploiting the whole DCS environment.

avatar for Frank Lycops

Frank Lycops

Frank a freelance security consultant and researcher. He has 8 years of experience in both the IT and OT environments. During his work, he performed numerous penetration tests on OT environments, helped improving the overall security of various environments and discovered several... Read More →

Dieter Sarrazyn

Dieter is a freelance OT security expert who working extensively on industrial control system security including more than 10 years in a large electricity generation company. He performs SCADA security assessments, provides assistance in securing SCADA environments and helps customers... Read More →

Friday October 5, 2018 11:00 - 12:00 CEST
02. Westmalle University