SolarWinds Compromise: Impact on ICS/OT Networks and Remediation Strategies

Explore the critical implications of the SolarWinds compromise on ICS/OT networks in this 57-minute webinar by Dragos: ICS Cybersecurity. Gain insights into the sophisticated supply chain attack that affected 18,000 organizations worldwide, with a focus on industrial environments. Learn about the two types of operations involved, potential impacts, and receive expert recommendations for identifying and remediating affected systems. Discover strategies for gaining visibility, analyzing compromised environments, and conducting digital forensics. Understand the NERC implications and three-step standards for addressing the breach. Dive into specific examples, including the GE case, and explore the Supernova malware. Leave equipped with actionable knowledge on collecting forensic evidence and implementing effective cybersecurity measures to protect industrial control systems.

Intro
Agenda
Solar Winds
Solar Winds Compromise
What Happened
Two Types of Operations
What Does This Mean
Our Recommendations
What We Dont Know
Recommendations
Solar Winds Example
GE Example
Gain Visibility
DNS Query
Analyzing Compromised Environment
Digital Forensics Instant Response
Digital Forensics Virtual System
NERC Implications
Three Step Standards
Collection Management Framework
Questions
Collecting Forensic Evidence
Supernova
What to do