BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//bsides-ot-uk-2025//speaker//R8ZNRD
BEGIN:VTIMEZONE
TZID:GMT
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:GMT
TZOFFSETFROM:+0100
TZOFFSETTO:+0000
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T020000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:BST
TZOFFSETFROM:+0000
TZOFFSETTO:+0100
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-bsides-ot-uk-2025-EYYJ8Z@pretalx.com
DTSTART;TZID=GMT:20260410T160000
DTEND;TZID=GMT:20260410T164000
DESCRIPTION:Command and Control Servers have long existed for IT facing net
 works. They are the central infrastructure which allow adversaries to main
 tain persistent remote control over compromised systems and orchestrate la
 rge-scale cyberattacks. What if adversaries brought these tactics to OT?\n
 \nThis presentation explores the creation of C2 infrastructure specificall
 y for OT Networks\, using the OPC UA protocol as the example. We can exami
 ne how the OPC UA protocol can be abused to enable covert data exfiltratio
 n from airgapped networks\, and how we can connect to an OPC UA server to 
 create persistent command channels that blend with legitimate industrial t
 raffic. Through a practical demonstration using Factory I/O and containeri
 zed PLCs\, this presentation reveals the techniques adversaries could use 
 to maintain covert control over industrial systems while evading tradition
 al security monitoring.
DTSTAMP:20260501T110750Z
LOCATION:Track 2
SUMMARY:Breaking the Air Gap: Covert Command and Control Attacks on Industr
 ial Systems - James Sabin
URL:https://pretalx.com/bsides-ot-uk-2025/talk/EYYJ8Z/
END:VEVENT
END:VCALENDAR