WebsiteGear Logo Log In
New User? Sign Up
About | Contact | FAQ
  Home News Web Hosting Domain Name Industry Wednesday, April 25, 2018 
Add Press Release News | News Feeds Feeds | Email This News Email

Echoing TRITON, CyberX's Innovative ICS Security Research Selected for 'Hackers & Threats' Session at the 2018 RSA Conference
Thursday, April 12, 2018

CyberX also sponsors ICS Village at RSA to raise awareness of ICS/SCADA security issues

Echoing TRITON, CyberX's Innovative ICS Security Research Selected for 'Hackers & Threats' Session at the 2018 RSA Conference

CyberX also sponsors ICS Village at RSA to raise awareness of ICS/SCADA security issues

BOSTON, April 12, 2018 /PRNewswire/ -- CyberX, the IIoT and industrial control system (ICS) security company, today announced that it has been selected to present a session titled Mind the Air-Gap: Exfiltrating ICS Data via AM Radios and Hacked PLC Code, at the 2018 RSA Conference next week in San Francisco.

In the session, CyberX VP of Research, David Atch, will discuss a novel attack technique that stealthily injects rogue ladder logic code into programmable logic controllers (PLCs) without interrupting their normal operation. This approach is similar to the one used in the recently-discovered TRITON attack on a petrochemical facility in Saudi Arabia, in which attackers injected malicious code into a Triconex Safety Instrumented Controller (SIS) -- with the likely goal of triggering an explosion that would cause catastrophic physical and environmental damage and potentially loss of human life.

Additionally, CyberX's RSA session describes an innovative technique that helps shatter the myth of air-gapped ICS networks, which are theoretically isolated from corporate IT networks and the outside world. In the CyberX hack, the rogue ladder logic code has been specially crafted to generate encoded radio signals that are received by ordinary AM radios, enabling adversaries to exfiltrate sensitive IP such as proprietary formulas and recipes -- or reconnaissance data about deployed ICS/SCADA devices to aid in planning future destructive attacks.

Part of the "Hackers and Threats" track at the RSA Conference, CyberX's RSA session will take place on Wednesday, April 18 from 9:15am PDT - 10:00am PDT (HTA-W04, Moscone South 314). After the session, David will meet attendees and conduct an interactive Q&A in the ICS Village, on Wednesday afternoon from 2:00-3:30pm PDT (Marriott Marquis, Yerba Buena 8).

With this presentation, CyberX becomes the first ICS behavioral anomaly detection platform vendor to demonstrate an ICS/SCADA exploit at the RSA Conference, one of the world's premier cybersecurity conferences. Speaking positions at the RSA Conference are highly competitive, with thousands of submissions for only a few hundred speaking positions. CyberX was also the first ICS security vendor to establish its own ICS security research and threat intelligence team, composed of data scientists and military cyber-experts with nation-state experience defending critical infrastructure.

Additionally, this year CyberX will sponsor the non-profit ICS Village, which equips industry and policymakers to better defend industrial networks through awareness, education, and training.

Further resources include a blog post by CyberX's threat intelligence team describing their findings from reverse-engineering the TRITON malware; as well as the recording from a recent SANS webinar titled Anatomy of the TRITON ICS Cyberattack.

To meet with one of CyberX's ICS cybersecurity experts, please send an email to or stop by booth #S735 in the South Hall.

About David Atch
David Atch is an ICS cybersecurity expert with extensive experience in malware analysis, threat hunting, and incident response. His vulnerability research was featured in in the popular McGraw-Hill book series, "ICS Hacking Exposed," and his team has discovered numerous zero-days in widely-used industrial devices which were validated by the ICS-CERT. In February 2016, he uncovered Operation BugDrop, a large-scale cyberespionage campaign targeting Ukrainian critical infrastructure. He also led the team that reverse-engineered BlackEnergy3 and discovered it was designed to perform data exfiltration from OT networks, as well as uncovering that KillDisk malware had evolved into ransomware. Prior to CyberX, Atch had a military career in the IDF where he led their elite team of incident responders who continuously hunted and mitigated cyber-intrusions targeting the country's critical national infrastructure.

About CyberX (Twitter: @CyberX_Labs)
Founded by military cyber-experts with nation-state expertise defending critical infrastructure, CyberX provides the most widely-deployed platform for continuously reducing ICS and IIoT risk. CyberX's proprietary self-learning engine delivers accurate insights about ICS assets, targeted attacks, malware, vulnerabilities, and attack vectors -- in less than an hour -- without relying on rules or signatures, specialized skills, or prior knowledge of the environment.

CyberX is a member of the IBM Security App Exchange Community and has partnered with premier solution providers worldwide including Optiv Security and Deutsche-Telekom/T-Systems. For more information visit

Media Contact
Deb Montner, Principal
Montner Tech PR

View original content with multimedia:


Email This News Email | Submit To Slashdot Slashdot | Submit To Digg | Submit To | News Feeds Feeds

Nav Top Federal IT Contractors Leave Emails Vulnerable to Phishing, Spoofing | Apr 25, 2018
Nav TechSee's Visual Support Enhances Customer Satisfaction at Orange Spain | Apr 25, 2018
Nav Social Media 55 & Eric Lister go into Writing Partnership Agreement | Apr 24, 2018
Nav CreditEase Leads Fintech Innovations in Global Investment for the New Era | Apr 24, 2018
Nav Codewise Appoints John Malatesta as President | Apr 24, 2018
Nav Former BP CEO Lord Browne Joins Windward's Board to Extend Startup's Lead in Maritime Risk Analytics | Apr 24, 2018
Nav Master Data Management BPO Market - Global Industry Analysis, Size, Share, Growth, Trends and Forecast, 2017 - 2025 | Apr 24, 2018
Nav honeygrow Introduces New Digital Engagement Program Powered by LevelUp | Apr 24, 2018
Nav Impact Appoints New Managing Director EMEA to Drive Growth | Apr 24, 2018
Nav Prodapt to Participate at the NFV & Zero Touch World Congress, San Jose, 24-26 April 2018 | Apr 24, 2018

Submit News | View More News View More News