Friday 4 October 14:00 - 14:30, Red room
Righard Zwienenberg (ESET) & Josep Albors (Ontinet)
No, this abstract is not about some energy drink: it's all about the experience of encountering a life-threatening emergency. Energy: its availability is something we all take for granted and are highly dependent on; hence its generation and distribution is part of a nation’s critical infrastructure (CI). It's understandable that, in modern warfare, nation-states or APT groups (try to) attack their opponents’ CI, including the energy sector. Remember BlackEnergy or Industroyer, where the energy system fell victim to cyber attacks?
An energy system does not have to fall victim to a cyber attack to stop producing energy. We have the sad examples of the nuclear reactors at Fukushima after a natural disaster, as well as the Zaporizhzhia Nuclear Power Plant in Ukraine, where we still are in fear because of the ongoing war.
With the ever-increasing price of energy, many homes now are equipped with solar panels. Besides cost reduction, they also make the building’s occupants less dependent on the power grid. These solar panels can also return the generated but unused electricity to the power grid. Since almost all houses that have solar panels are smart homes, the panels are connected, and it can be fun to see the daily savings in an app.
Worldwide, power grids are mostly old and cannot handle too much generated power put back into the net. An overload causing cables to melt can be the result. To prevent this, the power companies can usually either not take your generated electricity or shut down one or more of your solar panels. And that, without you knowing it, is costing you money. Nevertheless, it is understandable, as melted electricity supply cables are not something we want. But if the power company can shut down your solar panels remotely, so can someone else when they figure out how to do that!!!
Due to environmental concerns, by 2030 in the European Union, all new cars sold must be zero-emissions, and many people are already switching to electric vehicles. The future traffic jams will be at the charging stations. But the charging stations are the next problem. For mobility we will be 100% dependent on (again) electricity. Not only can we paralyze a country by shutting down a power system, but we can paralyze it further when most cars are electric, and more so if all cars are electric, including service vehicles of the police, firefighters, and paramedics…
Critical infrastructure always needs to be protected against attacks. However, what happens if an attack is successful? Now we depend on and are spending so much more on “energy”; are we willingly increasing the problems if such an attack is successful? In this presentation we will investigate potential attacks against the energy sector, the problems around solar panels and attacks against hybrid cars, and hacking and physical damage to electric car chargers done by a cyber attack. We will present real-life scenarios where these attacks can affect our daily life and even threaten not just our cars and houses, but also all the smart buildings under construction around the world.
 |
Righard Zwienenberg Righard Zwienenberg started dealing with computer viruses in 1988 after encountering the first virus problems. His interest thus kindled he has studied virus behaviour and presented solutions and detection schemes ever since. Starting as an independent consultant, later as R&D Manager at CSE Ltd, as a researcher for ThunderBYTE, as Chief Research Officer at Norman, and currently as Senior Research Fellow at ESET. Over the years he has served in many extra roles in different industry organizations. Currently he is still serving on the board of AVAR, on the Technical Overview Board of the WildList and as the Vice Chair of the Executive Committee of IEEE ICSG. In 2018, Zwienenberg joined the Europol European Cyber Crime Center (EC3) Advisory Group as an ESET representative. Zwienenberg has been a member of CARO since late 1991. He is a frequent speaker at conferences – among these Virus Bulletin, EICAR, AVAR, RSA, InfoSec, SANS, CFET, ISOI, SANS Security Summits, IP Expo, Government Symposia, SCADA seminars – and general security seminars.
|
 |
Josep Albors Josep Albors is the Head of Awareness & Research at ESET Spain. He has more than 18 years’ experience in cybersecurity and now specializes in security awareness. He is also the editor at the ESET Spain blog and one of the contributors to the international ESET blog WeLiveSecurity. He participated as a speaker at the AVAR 2019 international conference, and at many important local security conferences in Spain. Josep is a teacher in cybersecurity courses at several Spanish universities. He collaborates with the Spanish Guardia Civil, Spanish National Police and the Spanish Army, and teaches their units how to fight cybercrime. |
Back to VB2024 conference page
