Breaching Water Treatment Plants: Lessons Learned from Complex Exercises
Doug Rapp - Rofori Corporation
Sep 05, 2018Size: 375.3MB
Download: MP4 Video
Watch in your Browser Watch on YouTube
AbstractUS cybersecurity experts determined that Russian hacking group Dragonfly targeted the United States and European utilities with a cyber espionage campaign from 2015 – 2017. This government sponsored group was able to successfully infiltrate core control systems. Cold War espionage methodologies such as “sleeper cells” are now being executed in the cyber domain. Industrial firms including power and water providers have proven to be susceptible to attacks and disruptions that could be used during a significant geopolitical conflict. Antiquated industrial control devices now connected to the internet make utilities in even the most advanced countries susceptible to everyone from hacktivists to cyber criminals to nation states. In these times, the question has shifted from “can they?” to “when will they?”. Using Indiana’s groundbreaking cybersecurity exercise Crit-Ex as an example, we explore exactly how vulnerable of utilities really are and how insights into incident response and resiliancy are discovered through complex training and exercises.
About the SpeakerDouglas Rapp is the President of Rofori Corporation, an innovative young technology company that uses meta data tagging and advanced algorithmics to turn unstructured data into signal. Rofori’s flagship application is DEFCON cyber, a scalable cybersecurity risk and awareness tool that offers small business enterprise level expertise. He is also President of the Cyber Leadership Alliance, a non-profit organization that convenes leadership in cybersecurity & security in the internet of things to synchronize efforts, promote cybersecurity efforts in the region, foster innovation and promote the economic impact. CLA’s CISO forum represents over 20 Billion of private industry in Indiana. Doug is a published author on cybersecurity training, workforce development, and economic development. He is also an entrepreneur in residence for Purdue University. He is an international speaker and has testified before Congress on cybersecurity matters. Doug is a lifelong Hoosier, a former military officer and combat veteran and cybersecurity optimist.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.