Overview
Learn to hunt, analyze, and assess Industrial Control Systems (ICS) malware threats through evidence-based methodologies in this DEF CON 33 conference talk. Explore the rarity of ICS malware while understanding how significant threats like FrostyGoop, TRISIS, and COSMICENERGY have been discovered in public repositories like VirusTotal. Master the process of distinguishing between benign research tools, CTF materials, obfuscated code, and genuine malicious threats targeting ICS/OT environments. Discover practical hunting techniques using simple yet effective queries to identify potential threats, follow a systematic analysis workflow, and understand appropriate response actions including victim notification procedures. Examine real-world case studies using recently discovered samples to demonstrate the complete threat assessment process. Apply Dragos's ICS malware definition framework to make accurate determinations about whether discovered samples constitute genuine ICS malware threats, helping security professionals avoid false alarms while maintaining vigilance against legitimate industrial cybersecurity risks.
Syllabus
DEF CON 33 - Don’t Cry Wolf: Evidence based assessments of ICS Threats - Jimmy Wylie & Sam Hanson
Taught by
DEFCONConference