Threats are real. Therefore, a strategy is required, along with a step-by-step plan to protect your businesses. Join us for exciting workshops and games, demonstrations and analysis with Kaspersky ICS CERT experts and professionals. All 4 sessions are based on our latest research and analysis conducted by the Kaspersky ICS CERT security researchers. We will highlight typical security problems and real vulnerabilities from our real-world cases. You will learn more about rapidly evolving cyber threats for industrial environments and you will find out why we need to keep one-step ahead of the threat actors.
- Masters Students Cyber Security from Deggendorf Institute of Technology (DIT), Germany
- Computer Science Students from DIT and Hagenberg University, Austria
- Sales managers, partners, customers from Kaspersky Central Europe
- Interested individuals
About this event
March 9, 2021
8:15: DIT and Kaspersky Welcome
8:30 – 12.15: Roland Sako
Introduction to Reverse Engineering with Ghidra
Developed by the US government, Ghidra has become open source and free to download since 2019. While it is still not as mainstream as IDA Pro, it is a very powerful reverse engineering toolbox and is getting better as time goes on.
In this workshop, we will give students an introduction to using Ghidra for analyzing executable binaries. We will start by setting up our project and understanding Ghidra’s user interface, before moving to the actual analysis of a few executable files. Then, we will try to automate some of the tasks and understand how to integrate Ghidra into your reverse engineering projects.
12.15 – 12.30: Lunch Break
13:30 – 16.00 Michael Hirschmann
Kaspersky Interactive Protection Simulation (KIPS) is an exercise that places business decision makers into IT security teams from corporations and government departments into a simulated real-life business environment facing a series of unexpected cyber threats, while trying to maximize profit and maintain confidence.
The idea is to build a cyber-defense strategy by making choices from amongst the best pro-active and re-active measures available. Every reaction made by the teams to the unfolding events changes the way the scenario plays out, and ultimately how much profit the company makes or fails to make.
March 10, 2021
8:30 – 12.15: Stephan Gerling
Industrial Router Analysis and Demonstration
We will perform a vulnerability assessment of a Wi-Fi/LTE Router commonly used in yacht environments.
This includes: a teardown of the black box to identify the built-in components, analyzing multiple versions of the configuration software, searching for the vulnerability and testing it on the box.
12.15 – 12.30: Lunch Break
13:30 – 17.30: Maria Garnaeva
This workshop will examine the advantages of using YARA rules in the cybersecurity community. It will introduce their syntax and usage, with real life case studies of APTs caught using YARA.
17:15 – 17:30: Debriefing & Feedback, Closing
About our ICS CERT experts & trainers
Roland Sako, Security ResearcherRoland Sako is a Swiss security researcher working in Kaspersky’s Industrial Control Systems Cyber Emergency Response Team (ICS CERT) where he is responsible for conducting vulnerability research and delivering live and online ICS cybersecurity training programs. Today Roland is particularly interested in security for embedded devices and developing gamification teaching tools for cybersecurity. He enjoys conduction penetration testing of ‘Internet of Things’ devices ranging from industrial control systems to smart light bulbs. He has previous experience as a security consultant, and in the education team at Kaspersky.
Michael Hirschmann, Presales Manager
Michael Hirschman is a Senior Presales Engineer at Kaspersky Labs GmbH. Currently, Michael is a technical consultant for Kaspersky customers and partners in the DACH region. He also conducts the Kaspersky Interactive Protection Simulation (KIPS) game for companies and organizations. Michael joined Kaspersky in 2013. Previously Michael was a Consulting Technical Lead at several known AV companies and mainly responsible for onsite consultation for enterprise customers (automotive) focusing on endpoint- and messaging-security as well as threat & vulnerability management.
Stephen Gerling, Senior Security Researcher
Stephen Gerling is a cyber-security and electronics specialist. He joined Kaspersky in October 2020 as a Senior Security Researcher in Kaspersky’s Industrial Control Systems Cyber Emergency Response Team (ICS CERT). Stephen started his career on the legendary C64 in 1983. In the beginning he was interested in all the new possibilities computers created: hardware modifications, programming and later when the first boot sector viruses came around, IT-security. Today he focuses on IT/OT systems and maritime equipment security.
Stephen has worked for over 20 years in the Oil and Gas industry to provide security for a leading pipeline inspection company. He also worked with the German Army as an electronic specialist on helicopters and took part in several missions. He has been a volunteer fireman in Germany since 1987 and has been involved in over 1 K incidents in various roles, often as the leader at the scene.
Maria Garnaeva, Senior Security Researcher
Maria Garnaeva is a senior security researcher in the Kaspersky Industrial Control Systems Computer Emergency Response Team (ICS CERT) where she investigates attacks targeting ICS, including forensics and malware research to identify attack vectors. Maria regularly contributes to threat intelligence reports and analysis, presents at malware and ICS conferences and conducts training sessions. Maria graduated from the Bauman Moscow State Technical University with a bachelor’s degree in computer science. Prior to working in the ICS CERT team, she was a security researcher in Kaspersky’s Global Research and Analysis Team (GReAT), where she focused on APTs, botnets and general malware research, providing detections and threat intelligence reports.
About Kaspersky ICS CERT
Kaspersky Industrial Control Systems Cyber Emergency Response Team (Kaspersky ICS CERT) is a global project of Kaspersky aimed at coordinating the efforts of automation system vendors, industrial facility owners and operators, and IT security researchers to protect industrial enterprises from cyberattacks. Kaspersky ICS CERT devotes its efforts primarily to identifying potential and existing threats that target industrial automation systems and the industrial internet of things.
Deggendorf Institute of Technology is one of the most innovative Universities of Applied Sciences in Bavaria. Our eight faculties provide more than 50 Bachelor and Master’s degree programs in economics, engineering, informatics, applied sciences and health care. Currently we host more than 7.000 students, about 20 percent of whom are international students from close to 100 countries. The Institute Protect IT works in the field of security and strengthening of networked embedded systems, detection of anomalies and attacks in network traffic, specifically, by means of artificial intelligence, as well as the conception, development and analysis of suitable response measures to IT security incidents (IR – incident response).