BruCON 0x0E has ended
Back To Schedule
Friday, September 30 • 11:00 - 12:00
INCONTROLLER: New Malware Developed to Target Industrial Control Systems

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Only a few times in history we have seen publicly documented malware developed to target industrial control systems (ICS). Over ten years ago STUXNET impacted Iranian nuclear centrifuges. Then INDUSTROYER turned off electric power in Ukraine and TRITON targeted the safety systems from a critical infrastructure organization. Today, a couple years later, we ran into INCONTROLLER.

INCONTROLLER is a set of novel ICS- oriented attack tools built to target specific Schneider Electric and Omron devices that are embedded in different types of machinery leveraged across multiple industries. The tools – which are very likely state-sponsored – represent an exceptionally rare and dangerous cyber-attack that contains capabilities related to disruption, sabotage, and potentially physical destruction. In this talk I will present our analysis of INCONTROLLER, its components, attack scenarios, and the implications for defenders.

avatar for Daniel Kapellmann Zafra

Daniel Kapellmann Zafra

Daniel is senior Analysis Manager for Mandiant where he oversees the strategic coverage of cyber physical threat intelligence and coordinates the development of solutions to collect and analyze data. He is a frequent speaker on ICS/OT topics at international conferences and collaborates... Read More →
avatar for Ken Proska

Ken Proska

Ken Proska is a Senior Technical Analyst on the Mandiant threat intelligence cyber-physical team, where he leads the collection and analysis of threat detections. Prior to working with Mandiant, Ken has worked in the ICS/OT environment helping to protect and defend critical infrastructure... Read More →

Friday September 30, 2022 11:00 - 12:00 CEST
01. Gouden Carolus