OwlTail

Cover image of Marina Krotofil

Marina Krotofil

4 Podcast Episodes

Latest 11 Sep 2021 | Updated Daily

Weekly hand curated podcast episodes for learning

Episode artwork

An Interview with Marina Krotofil

@BEERISAC: OT/ICS Security Podcast Playlist

Podcast: Unsolicited Response Podcast (LS 30 · TOP 10% what is this?)Episode: An Interview with Marina KrotofilPub date: 2019-10-29Marina Krotofil has been able to view the ICS security world from a number of perspectives. Beginning as an academic; working for an ICS vendor (Honeywell); working for an ICS security products and services company (FireEye); and now working for a large European petrochemical company. A consistent thread through her work is a focus on the engineering side of the problem, on cyber/physical. In this podcast we talk about three main topics: Academia and it's interaction with the ICS community The Cyber / Physical concept. Is it still misunderstood? What would a cyber / physical attack team look like? Her thoughts on ICS ATT&CK, which was the foundation of her speech at KICS in Sochi. Links Marina Krotofil on Twitter Pwn2Own Miami S4x20, Jan 21 – 23 in Miami South Beach Sponsor This episode was sponsored by aeSolutions. aeSolutions is an engineering and consulting company specializing in process safety and industrial cybersecurity. aeSolutions has pioneered the CyberPHA methodology which is a proven method to assess industrial control system (ICS) cybersecurity risk leveraging well established process safety techniques.The podcast and artwork embedded on this page are from Dale Peterson: ICS Security Catalyst and S4 Conference Chair, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

51mins

30 Oct 2019

Episode artwork

An Interview with Marina Krotofil

Unsolicited Response Podcast

Marina Krotofil has been able to view the ICS security world from a number of perspectives. Beginning as an academic; working for an ICS vendor (Honeywell); working for an ICS security products and services company (FireEye); and now working for a large European petrochemical company. A consistent thread through her work is a focus on the engineering side of the problem, on cyber/physical. In this podcast we talk about three main topics: Academia and it's interaction with the ICS community The Cyber / Physical concept. Is it still misunderstood? What would a cyber / physical attack team look like? Her thoughts on ICS ATT&CK, which was the foundation of her speech at KICS in Sochi. Links Marina Krotofil on Twitter Pwn2Own Miami S4x20, Jan 21 – 23 in Miami South Beach Sponsor This episode was sponsored by aeSolutions. aeSolutions is an engineering and consulting company specializing in process safety and industrial cybersecurity. aeSolutions has pioneered the CyberPHA methodology which is a proven method to assess industrial control system (ICS) cybersecurity risk leveraging well established process safety techniques.

51mins

29 Oct 2019

Similar People

Episode artwork

FireEye's Marina Krotofil On Triton and ICS Threats

@BEERISAC: OT/ICS Security Podcast Playlist

Podcast: The Threatpost Podcast (LS 34 · TOP 5% what is this?)Episode: FireEye's Marina Krotofil On Triton and ICS ThreatsPub date: 2018-03-12At the Security Analyst Summit this year in Cancun, FireEye's Marina Krotofil talks about the Triton malware, first disclosed in December 2017, that targets industrial control systems. Krotofil discusses with Threatpost's Lindsey O'Donnell about the implications of this malware for the manufacturing market as a whole.The podcast and artwork embedded on this page are from Mike Mimoso, Chris Brook, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

16mins

17 Mar 2019

Episode artwork

Marina Krotofil & Jason Larsen - Rocking the Pocket Book: Hacking Chemical Plant for Competition and Extortion

DEF CON 23 [Audio] Speeches from the Hacker Convention

Materials Available here:https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Marina-Krotofil-Jason-Larsen-Rocking-the-Pocketbook-Hacking-Chemical-Plants-UPDATED.pdf Whitepaper here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Marina-Krotofil-Jason-Larsen-Rocking-the-Pocketbook-Hacking-Chemical-Plants-WP-UPDATED.pdf Rocking the Pocket Book: Hacking Chemical Plant for Competition and Extortion Marina Krotofil Senior Security Consultant. European Network for Cyber Security Jason Larsen Principal Security Consultant, IOActive The appeal of hacking a physical process is dreaming about physical damage attacks lighting up the sky in a shower of goodness. Let’s face it, after such elite hacking action nobody is going to let one present it even at a conference like DEF CON. As a poor substitute, this presentation will get as close as using a simulated plant for Vinyl Acetate production for demonstrating a complete attack, from start to end, directed at persistent economic damage to a production site while avoiding attribution of production loss to a cyber-event. Such an attack scenario could be useful to a manufacturer aiming at putting competitors out of business or as a strong argument in an extortion attack. Picking up a paper these days it’s easy to find an article on all the “SCADA insecurity” out there associated with an unstoppable attacker with unsophisticated goal of kicking up another apocalypse. Sorry to disappoint excited crowd but formula “Your wish is my command” does not work for control systems. The target plant is not designed in a hacker friendly way. Hopefully by the end of the presentation, the audience will understand the difference between breaking into the system and breaking the system, obtaining control and being in control. An attacker targeting a remote process is not immediately gifted with complete knowledge of the process and the means to manipulate it. In general, an attacker follows a series of stages before getting to the final attack. Designing an attack scenario is a matter of art as much as economic consideration. The cost of attack can quickly exceed damage worth. Also, the attacker has to find the way to compare between competing attack scenarios. In traditional IT hacking, a goal is to go undetected. In OT (operational technologies) hacking this is not an option. An attack will change things in the real world that cannot be removed by simply erasing the log files. If a piece of equipment is damaged or if a plant suddenly becomes less profitable, it will be investigated. The attacker has to create forensic footprint for investigators by manipulating the process and the logs in such a way that the analysts draw the wrong conclusions. Exploiting physical process is an exotic and hard to develop skill which have so far kept a high barrier to entry. Therefore real-world control system exploitation has remained in the hands of a few. To help the community mastering new skills we have developed „Damn Vulnerable Chemical Process“ – first open source framework for cyber-physical experimentation based on two realistic models of chemical plants. Come to the session and take your first master class on complex physical hacking. Marina is Senior Security Consultant at European Network for Cyber Security. Through her life she has accumulated vast hands-on experience in several engineering fields. Most recently she completed her doctoral degree in ICS security at Hamburg University of Technology, Germany. Her research over the last few years has been focused on the bits and peac.hes of the design and implementation of cyber-physical attacks aiming at both physical and economic damage. Marina used her pioneering destructive knowledge for designing process-aware defensive solutions and risk assessment approaches. During her PhD she collaborated with several industrial partners, participated in EU projects and collaborated with cool dudes from the hacking community. She has written more than a dozen papers on the subject of cyber-physical exploitation. Marina gives workshops on cyber-physical exploitation and is a frequent speaker at the leading ICS security and hacking venues around the world. She holds MBA in Technology Management, MSc in Telecommunications and MSc in Information and Communication Systems. Jason Larsen is a professional hacker that specializes in critical infrastructure and process control systems. Over the last several years he has been doing focused research into remote physical damage. Jason graduated from Idaho State University where he worked doing Monte Carlo and pharmacokinetic modeling for Boron-Neutron Capture Therapy. He was one of the founding members of the Cyber-Security department at the Idaho National Labs, which hosts the ICS -CERT and the National SCADA Tested .Jason has audited most of the major process control and SCADA systems as well as having extensive experience doing penetration tests against live systems. His other activities include two years on the Window 7 penetration testing team, designing the anti-malware system for a very large auction site, and building anonymous relay networks. He is currently a Principle Security Consultant for IOActive in Seattle.

23 Oct 2015

Most Popular