Singapore ICS Cyber Security Conference | 2018

Last December, cyber attackers launched a new malware variant called TRITON, specifically designed to target industrial safety systems. It was used against a critical infrastructure facility in the Middle East, causing an operational outage. While this malware was not the first to impact operational networks, it illustrates that ICS networks are now directly in the crosshairs of attackers.

In this session, we will discuss the emergence of ICS-specific malware, how it’s being used to infiltrate industrial environments, and what operators can do to defend their ICS networks and critical assets to prevent disruptions.

Sponsored by: Indegy

Today, cyber threats have grown not just in its depth (i.e. more sophisticated), but also in its breadth (i.e. expanded scope). It has grown from threats in Enterprise IT systems (IT) to Operation Technologies (OT). Generally, OT refers to critical infra-structures such as nuclear, chemical, energy, water plants, trains, planes, ships etc. In certain context, it is addressed as Industrial Control Systems (ICS), or Supervisory Control And Data Acquisition (SCADA) systems.
In this sharing, the speaker would share the typical risks in both IT and OT, and why they could not be addressed in separated perspectives. The contents will be delivered in a highly practical approach with much of the sharing being the speaker’s first-hand experiences and encounters operationally.

How problematic can the human element be in Industrial Cybersecurity?

Wetware refers to the human brain as analogous to, or in contrast with electronic
hardware and software. Although the human element is paramount in Industrial
Cybersecurity, its importance is not adequately highlighted in relevant International
Standards. This has striking similarity to the way the human element is inadequately
treated in most Functional Safety Standards.
This talk will provide a comparative review of standards on Industrial Cybersecurity
from the human factor point of view. It will also highlight its relevance and importance
with illustrations and case studies from the industry. It concludes with the authors'
recommendations on methodologies to embrace Wetware in lifecycle activities with a
holistic view-point.

For the first time, a safety system (Triconex) from the company Schneider Electric is compromised. The plant shut down. HIMA takes the incident very seriously and deeply analyzes the information available. HIMA reviews its own processes and products based on the security agencies' recommendations. The diversity between the Schneider and HIMA systems, the results of the security analysis carried out by Dragos as well as their different design philosophy suggest that the TRITON attack is not directly deployable among other vendors systems.

The world is gearing up for a revolution that will likely be as game-changing as the invention of the automobile 120 years ago. Automation has the potential to fundamentally change our transportation systems, the way we build cities and the way we work and live our lives. The potential benefits are enormous, but there will likely be painful side effects that we need to anticipate and be prepared to address.

Almost all organizations conduct security assessment or security audits for their IACS setup, either internally of from third party consultants. This paper will cover these critical information that may be missed out by IT security specialist and IACS engineers. This paper will also provide the experience of conducting a security assessment for IACS, and to emphasize the critical scopes that might be missed out by the assessor.