Chaos Communication Congress: Disneyland for hacker, SCADA security and not only

Chaos Communication Congress is one of the largest events in Europe, attended by thousands of hackers every year. This time more than 9,000 people gathered in Hamburg. Among them were the experts of Positive Technologies, who presented their research in the field of security of the automated process control systems, conducted a master class on the penetration tests of SCADA systems, and talked about the preparation of the Labyrinth - one of the most spectacular competitions of the PHDays III forum.

We already know

First of all, Sergey Gordeychik and Gleb Gritsay presented a study of the safety of industrial systems. The speech was held at the CCC for the second time: last year, specialists paid more attention to the safety level of the process control system in the world. Many new vulnerabilities have been discovered in systems developed by Siemens. Some of the most interesting security errors under the responsible disclosure policy could not be made public.
')
This year it was about industrial protocols and their shortcomings. During the performance, the most “juicy” vulnerabilities were noted, which were left behind the scenes last year. In addition, the speakers spoke about new security bugs and attacks that can be built on their basis.

Video of performance:

Pentest SCADA and database vulnerabilities

In continuation of the topic, Alexander Timorin conducted a master class on SCADA security and the study of protocols that are used in automated process control systems.



Alexey Osipov, from a group of web application security analysis, Positive Technologies made a report “Firebird / Interbase database engine hacks” about database management system vulnerabilities.

Presentation Slides:

Disneyland for the hacker

On the third day of the conference, Yury Goltsev and Alexander Zaitsev told about the creation of the “Labyrinth” - an exciting competition, a real hacker attraction, which was appreciated by the guests of Positive Hack Days III. In one hour, the contestants had to overcome an entire obstacle course: move through the laser field, bypass the tracking sensors, defeat an artificial intelligence fight, open secret doors, clean the room from bugs and defuse the bomb. Video report available on YouTube .


PHDays III member passes the “Labyrinth” laser field

In addition, the conference saw the release of new tools for assessing the security of SCADA-systems:

• Internet Connected ICS / SCADA / PLC utility: in combination with ICS / SCADA / PLC, Cheat Sheet allows you to conduct a SCADA security study;
• Hydra vs Siemens S7-300 , specially released for CCC Hydra version 7.6 with a module and library for brute-force passwords of Siemens S7-300 PLC.

Attention! These utilities are intended only for analyzing the safety of industrial systems.

Now more about the event itself.

How it was

CCC is known for addressing the technological, political and social aspects of information technology.



The jubilee, the thirtieth conference, which received the name 30C3 for this occasion, was no exception: participants could see how tamagotchi were hacked , learn how to track satellites flying around the Earth, and listen to the speech of WikiLeaks creator Julian Assange, whom he spent using a video conference system from the Ecuadorian Embassy in London, where it is still forced to hide from the authorities.



The speakers paid much attention to the problems caused by the publications of Edward Snowden. Report “To Protect and Infect. Part II of one of the TOR project managers, Jacob Appelbaum, who presented the WikiLeaks project at the HOPE conference in 2010, caused a lot of media hype and discussion in the professional community. It is not surprising - even after months after the release of secret data, Snowden wonders how the NSA connected to a huge number of devices around the world.



Anyone who is interested in information security issues is advised to read the reports:

• Triggering Deep Vulnerabilities Using Symbolic Execution [ video ]
• Electronic Bank Robberies [ video ]
• Bug Class Genocide [ video ]
• Fast Internet-wide Scanning and Security Applications [ video ]
• Hillbilly Tracking of Low Earth Orbit [ video ]
• My Journey into FM-RDS [ video ]
• Hardware Attacks, Advanced ARM Exploitation, and Android Hacking [ video ]
• Revisiting “Trusting Trust” for Binary Toolchains [ video ]
• Android DDI [ video ]
• Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware [ video ]
• Thwarting the Evil Maid Attacks [ video ]
• Script Your Car [ video ]
• The Exploration and Exploitation of SD Memory Card [ video ]

An overview of other interesting speeches (in English) can be found on Tech the Future .

Photos from the conference can be viewed at: http://rolfomat.smugmug.com/Events/30c3 .

PS Meanwhile, not much time is left until Positive Hack Days IV. Registration for participation in the qualifying competitions of PHDays CTF is in full swing. More than 140 teams have already registered, join you!