A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


WE ARE THE ARTILLERY: Using Google Fu To Take Down The Grids - Chris Sistrunk, Krypt3ia, SynAckPwn Derbycon 2018 (Hacking Illustrated Series InfoSec Tutorial Videos)

WE ARE THE ARTILLERY: Using Google Fu To Take Down The Grids
Chris Sistrunk, Krypt3ia, SynAckPwn
Derbycon 2018

In this presentation we will show how effective a team of individuals can be in using open source intelligence gathering techniques in gathering leaked data on the electrical grid. By using Google dorking alone, the team has been able to not only gather insider information on grid technologies but also their deployment in the US including and up to passwords to systems and blueprints and runbooks. Using such information an attacker could not only attempt to gain access to power company and grid networks but also easily be able to connect the dots and perform hybrid (physical and electronic) attacks on the US power grid systems.

Chris is an electrical engineer who is fluent in RS-232 and Kirchhoff’s Laws. You can thank Stuxnet (drink!) for bringing him here. Squirrels are his arch nemesis and he hates FUD. His sock game is strong. Krypt3ia has been in INFOSEC since the 90’s working for fortune 500 companies in pentesting and now blue team DFIR. An infamous curmudgeon, Krypt3ia has a blog featuring national security issues and OSINT. He also co hosted Cloak & Swagger a podcast on all things natsec and INFOSEC with a Sasquatch named Ali. SynAckPwn is a semi-professional retired troll that spends most of his time in a hardhat and popping MS08-067 in control systems. Yes, MS08-067 is still a thing and he takes little pleasure in exploiting it. Yes, when it comes to critical infrastructure, it’s still a problem. Yes, most of what you hear about grid hacking is bullsh!t.

@WeTheArtillery

Back to Derbycon 2018 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast