As Black Hat organizers prepare to host Black Hat USA virtually this August we want to call your attention to an exciting new Cyber-Physical Systems track of Briefings debuting at this event.
From self-driving vehicles to drones, from Industrial Control Systems to avionics, this new series of Briefings is all about defending systems where one or more computers monitor, manage and control a physical process. Attendees can look forward to a variety of practical takeaways regarding threat models aimed at these physical processes, as well as insights into both vulnerabilities and defense mechanisms need to encompass both the physical and the digital side of CPS systems.
Whispers Among the Stars: A Practical Look at Perpetrating (and Preventing) Satellite Eavesdropping Attacks is an example of what to expect from a Black Hat USA Cyber-Physical Systems Briefing. As the number of satellites in orbit begins to accelerate dramatically, this Briefing presents an experimental look at attacking satellite broadband communications across three domains: land, air, and sea.
Attendees can expect to learn how an attacker using $300 of home television equipment can spy on these communications from thousands of miles away, with virtually no risk of detection. You'll also walk though the hardware used and software developed to evaluate this threat against real-world systems using two distinct communications protocols: DVB-S MPE and DVBS-2 GSE. Don't miss it!
For a more terrestrial perspective on CPE check out Hacking the Supply Chain – Vulnerabilities Haunt Tens of Millions of Critical Devices. Researchers will reveal how how they found and exploited a series of critical vulnerabilities affecting tens or hundreds of millions of Internet of Things (IoT) devices in nearly every sector imaginable, from power grids to the medical, networking, transportation, retail, and defense industries.
These vulnerabilities were found in a library located at the very beginning of a complex supply chain and have lurked undetected for at least 10 years, likely much more; attend Black Hat USA and you'll learn the technical details, as well as how the vulnerabilities became so widespread and why some vendors are worse affected than others.
Register now for this year's fully virtual Black Hat USA, still scheduled to take place August 1st through 6th, and get more information about the event on the Black Hat website.