NDSS

Paul Forney, CISSP-ISSAP, CSSLP, CCSP, GREM

Chief Security Architect, Schneider Electric
Product Security Office, Corporate Global Strategy
Senior Edison Expert, Distinguished Engineer

In supplement to being the Chief Security Architect at Schneider Electric Product Security Office, Mr. Forney is a founding board member of the ISA Security Compliance Institute (ISCI) which develops the conformance specifications to the ISA 99/IEC 62443 ICS cyber security standard.

He also has held the co-chair position for the Research and Development Sub-group of the Department of Homeland Security (DHS) Industrial Control System Joint Working Group (ICSJWG). He has been an advisor to the White House National Security Council, the Department of Justice, the Department of Energy and FERC. Paul holds eleven patents in the areas of event detection for Oil and Gas, power management for Utilities and Internet Portal technologies.

Session Title: Overcoming the “Evil Twins” Attack: Lessons Learned from the Industrial Battlefield

Abstract

Can you imagine what happens when the industrial safety controllers (SIS) at one of the world’s largest chemical plants are being hacked? What if hackers could penetrate, take control and/or disable nuclear power plants and other critical infrastructure systems?

Schneider Electric Chief Security Architect Paul Forney discusses the technical lessons learnt from just this sort of attack. This incident could have reached damages of epic proportions as this was the first malware of its kind to infect industrial safety controllers specifically. Yet, as recent discoveries indicate a much worst situation may exist whereas the world experiences the first ever “evil twins” attack to impact both the safety controllers and Industrial Control Systems (ICS) simultaneously. All industrial and critical infrastructure providers must now reconsider their security risks and rapidly adopt technologies to avoid worldwide disasters – especially since AI (artificial intelligence)-based cyber-attacks are now starting to power cyber-wars. As hackers had penetrated the systems since long before discovery, new detection, prevention and remediation solutions will be highlighted to avoid escalation to grave consequences (like deaths and irrecoverable environmental destruction) from vulnerable operational as well as hacked modern Internet of Things (IoT) environments.

From yesterday’s breach discoveries, let’s learn together how to best architect, protect and contextualize a better future today.