Threat Intel Analysis of Ukrainians Power Grid Hack

Offered By: YouTube

Course Description

Overview

Explore a comprehensive threat intelligence analysis of the Ukrainian power grid hack in this 43-minute conference talk from BSides Philly 2016. Delve into the Indicators of Compromise, Pyramid of Pain, and tools used in the incident. Examine the ICS Kill Chain, including stages involving Microsoft Office, spearphishing, and the BlackEnergy installer. Investigate the attacker's techniques for stealing files and firmware development. Learn about the Sandworm group, their motivations for targeting Ukraine, and the attack timeline. Discuss similarities with other attacks, potential solutions, and alternative attack vectors. Analyze power grid policies, security gaps, and strategies for improving critical infrastructure protection. Gain valuable insights into cyber threats targeting industrial control systems and the complexities of defending against sophisticated adversaries.

Syllabus

Introduction
Indicators of Compromise
Pyramid of Pain
Tools Used
The Incident
Why
ICS
HMI
Tools
KillDisk
IP Address
Proxy Server
ICS Kill Chain
Stage 1 Microsoft Office
Stage 2 Spearphishing
BlackEnergy Installer
Driver
Main DLL
Stealing Files
Firmware Development
Attack
Sandworm
Why Ukraine
Timeline
Similarities
How can we solve that
Other vectors
The sleeper must awaken
Another pyramid
Power Grid Policies
Security Gap
Summary
Questions

