Controlling the physical world with BacNET attack framework
Posted on 11 April 2013.
The integration of computer technology to monitor the inner works of large office buildings, factories and plants has been evolving for years. These types of systems are often referred to as Building Automation or Building Management Systems (BMS).

Companies uses these systems to monitor a myriad of sensors, gauges and alarms that provide statistics about equipment usage as well as inform technicians when a system is not functioning correctly. What use to be simple alerting has morphed into highly complex network enabled systems that provide complete operational control over such things as HVAC, elevators, electrical & water supply and even door locks and safety systems.

This talk from Shmoocon 2013 takes a closer look at how these systems work as well as an attacker’s view into the BacNET protocols.

The author introduces a new collection of tools that pentesters and system admins could use to help identify BacNET enabled systems as well as test their solvency against attack, spoofing and denial of service.



Author: Brad Bowers is Security Operations Manager for a large financial institution with over 10 years of experience in security engineering, system forensics and incident response. Brad is a frequent writer and presenter on topics of emerging threats and threat intelligence. For the last couple years Brad has been working on projects focusing on hardware and RF security.





Spotlight

The Software Assurance Marketplace: A response to a challenging problem

Posted on 20 October 2014.  |  The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has recognized how critical the state of software security is to the DHS mission.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Oct 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //