Threat Intel Analysis of Ukrainians Power Grid Hack
Offered By: YouTube
Course Description
Overview
Explore a comprehensive threat intelligence analysis of the Ukrainian power grid hack in this 43-minute conference talk from BSides Philly 2016. Delve into the Indicators of Compromise, Pyramid of Pain, and tools used in the incident. Examine the ICS Kill Chain, including stages involving Microsoft Office, spearphishing, and the BlackEnergy installer. Investigate the attacker's techniques for stealing files and firmware development. Learn about the Sandworm group, their motivations for targeting Ukraine, and the attack timeline. Discuss similarities with other attacks, potential solutions, and alternative attack vectors. Analyze power grid policies, security gaps, and strategies for improving critical infrastructure protection. Gain valuable insights into cyber threats targeting industrial control systems and the complexities of defending against sophisticated adversaries.
Syllabus
Introduction
Indicators of Compromise
Pyramid of Pain
Tools Used
The Incident
Why
ICS
HMI
Tools
KillDisk
IP Address
Proxy Server
ICS Kill Chain
Stage 1 Microsoft Office
Stage 2 Spearphishing
BlackEnergy Installer
Driver
Main DLL
Stealing Files
Firmware Development
Attack
Sandworm
Why Ukraine
Timeline
Similarities
How can we solve that
Other vectors
The sleeper must awaken
Another pyramid
Power Grid Policies
Security Gap
Summary
Questions
Related Courses
Secure Networked System with Firewall and IDS (University of Colorado System via Coursera)
Introduction to Cyber Security (Uttarakhand Open University, Haldwani via Swayam)
Preparing for the Google Cloud Professional Data Engineer Exam 日本語版 (Google Cloud via Coursera)
Jump Start: Maestro Hyperscale Network Security (Checkpoint via edX)
Information Security - Introduction to Information Security (New York University (NYU) via edX)