London, UK — December 22, 2014 – IOActive, Inc., the leading global provider of hardware, software, and wetware security services, announced today that Eireann Leverett, Senior Security Consultant, and Joseph Tartaro, Senior Security Consultant for IOActive, will present their ground-breaking research at the Chaos Communication Congress Security Conference.
CONFERENCE: 31st Chaos Communication Congress (31C3)
LOCATION: CCH–Congress Center Hamburg, Hamburg, Germany
DATE: December 27–30, 2014
Eireann Leverett, Senior Security Consultant for IOActive
Switches Get Stitches: Industrial System Ownership
Sunday December 28, 2014 at 11:30am
This workshop from Eireann will introduce you to Industrial Ethernet Switches and their vulnerabilities. These switches are used in environments with industrial automation equipment, like substations, factories, refineries, and ports; in other words, DCS, PCS, ICS, and SCADA switches.
Eireann’s research focuses on attacking the management plane of these switches, since it is well known that industrial system protocols lack authentication and cryptographic integrity. As a result, compromising any switch allows malicious firmware to be inserted for further man-in-the-middle manipulation of live processes.
During this workshop, Eireann will disclose several vulnerabilities for the first time (at 31C3) and share the methods used to find those vulnerabilities. All of the vulnerabilities disclosed in this workshop will exploit default device configurations. While these vulnerabilities have been responsibly disclosed to the vendors, SCADA and ICS patching in live environments can take up to three years. At least three vendor’s switches will be examined: Siemens, GE, and GarrettCom.
Joseph Tartaro, Senior Security Consultant for IOActive
Cyber Necromancy: Reverse Engineering Dead Protocols
Sunday December 28, 2014 at 14:30pm
Reverse engineering is not all binaries and byte-code. The black art also extends to networks and unobtainable game servers.
In this talk, Joseph will discuss the gruesome details of how he dug through the graveyards of console binaries and the mausoleums of forgotten network protocols in order to stitch together the pieces necessary to bring his favourite game back to life. Joseph will examine the process of reverse engineering the game’s custom network protocols, from packet logs to low-level disassembly of client code.
About Eireann Leverett
Eireann Leverett is a Senior Consultant at IOActive where he focuses on Smart Grid and SCADA systems. He studied Artificial Intelligence (AI) and Software Engineering at Edinburgh University and went on to get his Masters in Advanced Computer Science at Cambridge. He studied under Frank Stajano and Jon Crowcroft in Cambridge’s computer security group. In between, he worked for five years at GE Energy and did a six-month engagement with ABB in their corporate research department.
About Joseph Tartaro
Joseph Tartaro is an experienced Senior Security Consultant at IOActive, where he proves his talents working with clients on network and application penetration tests. Tartaro is highly experienced with wireless security practices, and is passionate about hardware hacking, programming, fuzzing, risk engineering, and all manners of exploitations. As a member of telephreak, he helps manage a VoIP PBX system for free public conferencing and communication. In his off time he enjoys working on emulations and ROM hacking of retro video games.
About the Chaos Communication Congress
The Chaos Communication Congress is the yearly conference and hacker party of the Chaos Computer Club (CCC). For four days between Christmas and New Year’s Eve, thousands of hackers, techies, hobbyists, artists, and utopians meet in Hamburg to learn from each other, chat, meet and greet, or simply to party. We engage in topics focused around information technologies, computer security and safety, the maker and breaker scenes, the critically-constructive intercourse with technology and its implications on our societies.
IOActive is a comprehensive, high-end information security services firm with a long and established track record in delivering elite security services to its customers. Our world-renowned consulting and research teams deliver a portfolio of specialist security services ranging from penetration testing and application code assessment through to chip reverse engineering. Global 500 companies across every industry continue to trust IOActive with their most critical and sensitive security issues. Founded in 1998, IOActive is headquartered in Seattle, USA, with global operations through the Americas, EMEA and Asia Pac regions. Visit www.ioactive.com for more information. Read the IOActive Labs Research Blog: http://blog.ioactive.com/. Follow IOActive on Twitter: http://twitter.com/ioactive.