What does a man-in-the-middle (MITM) attack look like on an ICS/SCADA system? It isn't hard to find videos, presentations, and tutorials on IT-based MITM attacks, but ICS/SCADA systems don't react the same way in the presence of an attack. These systems, for the most part, were never designed with security in mind, so strange things happen when you run some of the freely available attack tools.
In this talk, I'll describe a series of MITM attacks that were run against an ICS/SCADA test system. I'll talk about how the control system reacted to the attacks. I'll also show some different configurations that were used during the testing and how the packet streams differed.
Jim Gilsinn is a Senior Investigator at Kenexis. He is responsible for conducting network and security assessments, designing networks and security systems for industrial control systems (ICS), and developing network reliability monitoring tools and techniques. He is the lead developer of the Dulcet Analytics network reliability monitoring software. Jim received an MSEE from Johns Hopkins University in control theory and a BSEE from Drexel University specializing in control theory, robotics, and advanced electronics.