Switches Get Stitches

Explore the vulnerabilities of Industrial Ethernet Switches used in critical infrastructure environments like substations, factories, and refineries. Dive into a 49-minute Black Hat conference talk by Colin Cassidy, Robert Lee, and Eireann Leverett that unveils previously undisclosed vulnerabilities in the management plane of these switches. Learn about the potential consequences of compromising these switches, including malicious firmware creation and man-in-the-middle attacks that can lead to plant shutdowns or hazardous states. Discover the methods used to find these vulnerabilities and gain insights into the default configuration vulnerabilities of switches from Siemens, GE, Garrettcom, and Opengear. Understand the challenges of patching in live industrial environments and explore immediate mitigation strategies for owner/operators to protect their systems.

Switches Get Stitches