
Evolving a Definition of ICS Malware: Capability, Intent, and Adverse Effects.pdf

Uploaded by: 可*** ID: 991802 2025-12-07 49 pages 4.02MB

Evolving a Definition of ICS Malware
Capability, Intent, and Adverse Effects
Jimmy Wylie, Distinguished Malware Analyst

Why not?
Why not?
IOT Exploit Tool and more
Easy to communicate
Easy to use
Differentiate ICS Malware

Tristation Protocol
Download/Upload Ladder Logic
0-Day Exploit
Firmware Addresses
Rootkit Installation for privileged access
Keyswitch Bypass - compromises safety
Only one known deployment causing multiple plant shutdowns
Tested successfully in the lab

ICS-Capable
Tristation Protocol
Download/Upload Ladder Logic
Firmware Addresses
Bad Consequences
0-Day Exploit
Rootkit Installation for privileged access
Keyswitch Bypass - compromises safety
Only one known deployment causing multiple plant shutdowns
Tested successfully in the

Malicious Intent makes Malware
ICS-Capable
Malicious Intent
Adverse Effects

ICS-Capable
Tristation Protocol
Download/Upload Ladder Logic
Firmware Addresses
Bad Consequences
Caused multiple site shutdowns
Rootkit installation for privileged access - safety and security compromise
Testing confirmed these abilities
Malicious Intent
Only known deployment - attack in 2017
0-day exploit for TriconexOS
Key switch Bypass - compromises safety
Rootkit suggests specific process impacts

ICS-capable
Malicious Intent
Bad Consequences

CrashOverride?
Multiple Industrial protocols
Site-specific IPs, breaker and switchgear manipulation
Disrupted Transmission substation

Bad Consequences - The Ability for Adverse Effects on OT Environments?
ICS-Capable
Malicious Intent
Adverse Effects

ICS Malware is
ICS-capable software intentionally designed for adverse effects on OT environments.

3 Properties:
ICS-Capable
Designed with Malicious Intent
Ability for Adverse Effects on OT environments

FrostyGoop
Verdict:? ICS-C

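According to the report, the document mainly discusses the definition and characteristics of ICS (industrial control system) malware and its impact on industrial environments. The key points are:

1. Definition of ICS malware: ICS malware is software specifically designed to cause adverse effects on industrial environments.
2. Characteristics:
   - ICS-Capable: able to affect industrial control systems.
   - Malicious Intent: has malicious intent.
   - Ability for Adverse Effects on OT environments: the ability to cause adverse effects on operational technology (OT) environments.
3. Key figures:
   - 1000s of Exploits
   - 175 publicly disclosed ICS vulns
   - 19 industrial protocols
4. Examples:
   - FrostyGoop: has ICS-Capable, Malicious Intent, and Adverse Effects.
   - IoT Exploit Tool: an ICS Red Team Tool; has ICS-Capable and Adverse Effects, but no Malicious Intent.
   - Trojanized Engineering Software: usually not ICS-Capable and has no Malicious Intent, but has Adverse Effects.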