![[site.logo.alt]](/presentation/images/RO_VJ_Logo.png){kind=logo}
Jonathan Pollet, CISSP, CAP, PCIP
Founder, Principal Consultant, Red Tiger Security
Biography
Jonathan Pollet, Founder and Principal Consultant for Red Tiger Security, USA has over 12 years of experience in both Industrial Process Control Systems and Network Security. After graduating from the University of New Orleans with honors and receiving a B.S. degree in Electrical Engineering, he was hired by Chevron and designed and implemented PLC and SCADA systems for onshore and offshore facilities.
In 2001, Pollet was one of the first to publish several white papers that exposed the need for security for Industrial Control Systems (ICS), and is still active in the research of vulnerabilities within critical infrastructure systems. He has led security teams on over 150 assessments, penetration tests, and red team physical breaches involving SCADA and Industrial Control Systems. He is also the developer of the 5-day SCADA Security Advanced training course and has trained over 400 professionals since 2009.
Throughout his career, he has been involved with SANS, IEEE, ISA, ISSA, UTC, CSIA, SPE, and other professional societies. Pollet has developed and presented workshops on SCADA Security to the FBI, Department of Homeland Security, Utility Telecom Council, and has spoken at over 75 conferences and workshops around the world.
Pollet has been quoted in many periodicals, trade journals, and magazine articles as an expert in SCADA and Critical Infrastructure Protection. He was recently interviewed in the September issue of Vanity Fair, and also appeared on Fox News Live for a TV interview concerning hackers and critical infrastructure.
Presentation: New SCADA Attacks - APT, Night Dragon, and Stuxnet – Everybody is Kung Fu Fighting
The recent increase in coordinated covert cyber incidents targeting global oil, energy, and petrochemical companies, termed “Night Dragon” and the Stuxnet malware are examples of APT attacks targeting SCADA systems and critical infrastructure. Our security teams have been involved on the ground level responding to several Night Dragon and APT incidents, and developed an educational presentation about what was found, the methodology of the attackers, and some useful tips for asset owners to consider in preventing this type of an attack from exploiting their own systems. We have also recorded several hacking videos showing how simple it is for a non-educated attacker to attack SCADA HMI systems directly, or by pivoting off of a Data Historian in the DMZ.