|
PRESENTATION:
|
Hacking US (and UK, Australia, France, etc.) Traffic Control Systems
|
|
PRESENTER(S):
|
Cesar Cerrudo, Chief Technology Officer for IOActive Labs
|
|
CONFERENCE:
|
8.8 Computer Security Conference
|
|
LOCATION:
|
Cine Arte Normadie, Santiago, Chile
|
|
DATE & TIME:
|
October 24, 2014 at 11:55 AM
|
Cesar recently conducted research involving devices used by traffic control systems in important cities around the world, including the US, UK, France, Australia, and China. The end result, Cesar was able to hack into and exploit these devices.
In this presentation, Cesar will tell the whole story: how the devices were acquired, the research and onsite tests he conducted, the vulnerabilities he discovered, and how they can be exploited. Cesar will conclude his presentation with demonstrations of cyberwar-style attacks against the vulnerable devices.
About Cesar Cerrudo
Cesar Cerrudo is CTO for IOActive Labs, where he leads the team in producing ongoing, cutting-edge research in the areas of SCADA, mobile device, application security, and more. Formerly the founder and CEO of Argeniss Consulting – which was acquired by IOActive – Cesar is a world-renowned security researcher and specialist in application security.
Throughout his career, Cesar is credited with discovering and helping to eliminate dozens of vulnerabilities in leading applications including Microsoft SQL Server, Oracle database server, IBM DB2, Microsoft Windows, Yahoo! Messenger, and Twitter. He has a record of finding more than 50 vulnerabilities in Microsoft products and more than 20 in Microsoft Windows operating systems. Cesar has authored several white papers on database and application security as well as attacks and exploitation techniques based on his unique research. He has been invited to present at a variety of companies and conferences including Microsoft, Black Hat, Bellua, CanSecWest, EuSecWest, WebSec, HITB, Microsoft BlueHat, EkoParty, FRHACK, H2HC, Infiltrate, BlueHat, 8.8, Hackito Ergo Sum, NcN, and Defcon. Cesar collaborates with, and is regularly quoted in, print and online publications.
About 8.8 Computer Security Conference
A group of security professionals in Chile were bored with the typical “computer security conferences” oriented towards management or organized for commercial purposes. To this end, we decided to organize a conference that is intended to be 100% technical and focused principally on sharing knowledge and experience.
We would like this to be an event where those responsible for information security and privacy of information: CIOs, CTOs, CISOs, ISOs, sysadmins, system architects, system developers, network administrators, security specialists, consultants, risk analysts, system administrators and students can share knowledge and their experiences in a relaxed and comfortable environment.
The principal objective is to share the latest techniques being used, the latest kinds of attacks that have been seen, the ways in which they are carried out and how they are being defended against.
About IOActive
IOActive is a comprehensive, high-end information security services firm with a long and established track record in delivering elite security services to its customers. Our world-renowned consulting and research teams deliver a portfolio of specialist security services ranging from penetration testing and application code assessment to chip reverse engineering. Global 500 companies across every industry continue to trust IOActive with their most critical and sensitive security issues. Founded in 1998, IOActive is headquartered in Seattle, USA, with global operations through the Americas, EMEA, and Asia Pac regions. Visit www.ioactive.com for more information. Follow IOActive on Twitter: http://twitter.com/ioactive.
###
Feeling social?
IOActive in LinkedIn
IOActive on Facebook
IOActive on YouTube
IOActive on Crunchbase
IOActive on Github