From Exploits to Forensics Evidence - Unraveling the Unitronics Attack
Unknown
Black Hat USA 2024 · Day 1 · Briefing
This talk, presented by Noam, a seasoned vulnerability researcher, delves into the forensic investigation of a high-profile cyberattack targeting Unitronics Programmable Logic Controllers (PLCs). The attack, attributed to the Advanced Persistent Threat (APT) group "Cyber Avengers," gained significant media attention for its impact on critical infrastructure, specifically water facilities in the United States and Israel. Noam, typically engaged in proactively discovering and disclosing vulnerabilities in OT/IoT devices, shifts focus to retrospective analysis, detailing the methodology used to unravel the attack's mechanisms and extract forensic evidence from these embedded systems.