Loading…
Welcome to the interactive agenda for SecurityWeek’s 2019 ICS Cyber Security Conference. Sessions are being finalized and the final program will include 4 FULL DAYS of content. (View the full conference website here) (You can Register for the ICS Cyber Security Conference and training here)
Back To Schedule
Wednesday, October 23 • 9:45am - 10:30am
Homogenization of Attacker Toolsets

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Attackers, including ICS-targeting adversaries, are increasingly using the same toolsets for a myriad of reasons.  It cuts down on development time, allows for lower attribution rates and gives attackers more “playbooks” to fall back on.  The near ubiquitous nature of Mimikatz -- utilized by the most dangerous ICS-specific adversary, XENOTIME -- is just one example.  Attackers are rapidly integrating other tools such as Metasploit, PowerShell Empire and Cobalt Strike into their tactics, techniques and procedures (TTPs). This presentation will discuss the evolution of ICS attacker techniques and provide defenders with methods to mitigate against them.
Speakers
avatar for Thomas Pope

Thomas Pope

Adversary Hunter, Dragos
Thomas Pope is an Adversary Hunter at Dragos. He works with prospective and current customers to improve the Dragos threat intelligence offerings while hunting for ICS-specific activity groups and malware. He previously worked at Duke Energy, where he performed many roles in and outside... Read More →

Wednesday October 23, 2019 9:45am - 10:30am EDT
Windsor Ballroom
  Main Track