Killing Time - SANS ICS Security Summit 2021
https://www.youtube.com/watch?v=2iV-KuGQtgU
In this talk we will look at some of the different kinds of time sources found in ICS environments (Windows Time, NTP, PTP, IRIG-B, etc.) and briefly discuss how industrial control system devices and applications like PLCs, PACs, Historians, and Alarm Systems use time. We will also discuss common network architectures that allow time sources to be accessible or time protocols like NTP to be passed through IDMZs and firewalls. In this final presentation of the day, we will walk through an attack demonstration targeting a local process through an NTP built in feature for sending a Kiss of Death packet – ultimately attacking the control system from within the control system.