VB2019 paper: Fantastic Information and Where to Find it: A guidebook to open-source OT reconnaissance

Ever since Stuxnet was discovered almost a decade ago, ‘operational technology’, the use of computers to monitor or alter physical processes, has been part of the cybersecurity realm. Indeed, several threats have been discovered that targeted and, in some cases, damaged physical systems such as factories or the power grid.

Fantastic-information-fig1.jpg

Simplified diagram of OT components.


An attacker targeting OT needs to perform reconnaissance on the targeted system and learn how it is connected to the IT network. This often involves old-fashioned or digital espionage, but a lot of such information is actually available out there in the open.

This is the subject of a VB2019 paper by

FireEye

researcher Daniel Kapellmann Zafra, who explained how open source intelligence (OSINT) can be used to learn crucial details of the inner workings of many a system. An important lesson from Daniel’s paper and talk is that ‘security by obscurity’ is dead and that organisations shouldn’t rely on an attacker not knowing how their system works.

Today we publish Daniel’s paper in both

HTML

and

PDF

format. We have also uploaded the video of his VB2019 presentation to our

YouTube

channel.

VB2019-conference-paper.jpg
Fantastic information and where to find it: a guidebook to open-source OT reconnaissance


Read the paper (HTML)


Download the paper (PDF)





Posted

in

by

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *