ONG-ISAC Biweekly Analyst Threat Call (Members Only): Malware Inside an Isolated Control Network
Topic: Malware Inside an Isolated Control Network
Abstract: There are quiet places deep inside most large networks that are “isolated” with only pinholes in the firewall. Nothing interesting ever happens in these networks. Logs from control networks are dry and unlikely to ever turn up anything interesting. This can lead to neglect and missed indicators that something has gone wrong. This presentation details a malware infection inside an isolated control network that was only lightly monitored. This neglect resulted in extended dwell time and lateral movement that infected other control systems.