Keynote: When Your OT Support Supports the APT presented at SupplyChainCybersecuritySummit 2019

by Jake Williams,

Summary : Manufacturing, medical, and many other environments have extremely specialized (and expensive) operational technology (OT) devices. Due to a high degree of specialization, these devices are rarely maintained by the same organization that operates them. In some cases, these devices are merely leased from the manufacturer, remotely maintained by the manufacturer, but deployed in a customer's production network. While it is well understood that remote support technicians could achieve malicious effects through remote administration software, what about APT? How easily can an advanced attacker pivot from an infected remote support machine to the OT device (and ultimately to the customer network)? In this talk, Jake will walk through the mechanics of compromising OT equipment via remote support software complete with demonstrations of gaining access.