Killing Watts: ICS Attack Chains Against Power Systems
Details
Power grids run on protocols that were never designed to be secure. Modbus doesn't authenticate. MQTT trusts whoever connects. State estimation believes whatever data you feed it.
This month, Parham Mohammadi shows what happens when you exploit all of that.
THE TALK
Parham built a full ICS attack simulation lab and ran real attack chains against it. False data injection into state estimation. Modbus register overwrites. MQTT broker takeover. Chained attacks against distributed energy resources.
The operator dashboard stayed green the entire time.
If Ukraine 2015 and Industroyer taught us anything, it's that this isn't theoretical.
THE SPEAKER
Parham Mohammadi — Postdoctoral Researcher, York University
Parham spent six years at York doing his PhD on power systems simulation.
The CPPS-SEC Lab he built for this research simulates real ICS attack chains against power grid infrastructure — the same lab he's demoing at this talk.
ARRIVAL WINDOW — PLEASE READ
Doors open at 6:15 PM and close at 6:40 PM. Our volunteer at the gate can only let people up during this window. After 6:40 PM, there will be no one downstairs to let you in. Plan accordingly.
If you RSVP and can't make it, please update your status so someone on the waitlist can take your spot.
Food and drinks sponsored by Stan.
DC416 is Toronto's DEFCON group. If you're into security, you're welcome here.