The Little Pump Gauge That Could - Attacks Against Gas Pump Monitoring Systems

Explore a comprehensive analysis of attacks on Guardian AST gas pump monitoring systems in this 54-minute Black Hat conference talk. Delve into the details of real and simulated attacks, uncovering attacker profiles, motivations, and indicators of compromise. Learn about the Gaspot script for deploying virtual monitoring systems, and gain insights into the vulnerabilities of these environments. Examine the honeypot architecture, deployment strategies, and attack scenarios. Discover the involvement of various actors, including government entities and criminals, in targeting these systems. Understand pump modifications, IDC hacking, and prevention techniques. Gain valuable knowledge on securing gas pump monitoring systems and interpreting attack statistics.

Introduction
Welcome
Overview
Target Attackers
Underground Forums
Incidents
Vulnerabilities Incidents
Why are these environments attacked
The Government
Criminals
Nonpatched
Guardian ST
How the system works
Demonstration
Inventory Command
Critical vs NonCritical
The Honeypot
Honeypot Architecture
Honeypot Deployment
Honeypot Code
Honeypot Randomization
Honeypot Name Change
Inmap Script
Classification
Attribution
Attack Scenarios
Attack Breakdown
Connection Attempts
Valid Commands
Attack Statistics
Eddie Murphy Slide
Syrian Electronic Army
Jordanian Honey Pots
Pump Modifications
IDC
Hacking
IDC Involvement
Release
When
Preventing Attacks
Security
Logs
Was it Targeted