Home -> About

About SCADAhacker

Joel Langill is the SCADAhacker.  His expertise was developed over nearly 30 years through in-depth, comprehensive industrial control systems architecture, product development, implementation, upgrade and remediation in a variety of roles covering manufacturing of consumer products, oil and gas including petroleum refining, automation solution sales and development, and system engineering.  His employers include major companies such as General Electric, Shell Oil Company, Honeywell Process Solutions, and ENGlobal Automation, offering him rare and insightful expertise in the risks and mitigation of cyber vulnerabilities in industrial control systems.

Joel's unique approach to security emphasizes the processes and people used to implement security programs, rather than relying solely on technology or "products".  This directly translates into looking at security not just in terms of the hardware and software solutions covered, but how these components are actually integrated and delivered to end-users. The best strategy for comprehensive security balances People, Processes and Products.   His perspective has been sought and cited by numerous industry publications focused on both industrial automation and information security.  Joel continues to provide critical input and technical guidance regarding control system vulnerability research, management and mitigation to clients and followers around the world.  

Joel's proven experience with integrated industrial control system architecture and design, functional safety, and operational security skills have fostered business relationships with several large industry firms, including Gartner, Siemens, Tofino Security, Waterfall Security Solutions, McAfee, and Kaspersky Labs.

Joel recently completed his role as Technical Editor and contributor to an upcoming book "Applied Cyber Security for the Smart Grid" (scheduled publication early 2Q-2013) with established industry leaders Raj Samani (Vice-President and Chief Technology Officer for McAfee Europe/Middle East/Africa) and Eric Knapp (Director Critical Infrastructure Markets for McAfee). Joel plans to work with Raj and Eric on future collaborative works, including the second edition of Eric's successful book "Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems".

In 2010 and 2011 prior to launching his own training curriculum, Joel served as the lead boot-camp instructor for InfoSec Institute's SCADA Security course. Joel now offers one of the only advanced cyber security courses focusing entirely on defensive strategies for security industrial control systems, providing participants with exposure to personally developed methodologies covering threat identification, risk management, classification, assessment, and testing.

He is the Director of Critical Infrastructure and SCADA representative for the Cyber Security Forum Initiative (CSFI.us), where he was a lead contributor to a report on the use of Stuxnet in cyber warfare.  He is a Certified Ethical Hacker, Certified Penetration Test, Cisco Certified Network Associate, and TÜV Functional Safety Engineer.  Joel is also a proud member of the Milwaukee Chapter of InfraGard.

Joel maintains a large presence on various social outlets including Twitter and YouTube with thousands of followers spanning over 40 countries around the globe providing timely and relevant information specifically relating to cyber security for industrial automation and control. He is regularly a guest on webinars and a guest blogger with Tofino Security (TofinoSecurity.com).  

References are available upon request. Google references available by entering “joel langill cyber security stuxnet”   

Articles and Contributions

All Articles and Contributions have been moved to a "Members Only" portion of the website. These documents will continue to be available to the public upon completion of a simple site registration which can be completed by clicking the "Register" link at the top of the right-hand sidebar.

  • “Analysis of the 3S CoDeSys Security Vulnerabilities for Industrial Control System Professionals”, Tofino Security, November 2012
  • "ICSJWG: Basic, but Effective Security", ISSSource.com, October 2012
  • "Stronger Than Firewalls - And Cheaper Too", ISSSource.com, September 2012
  • "Internet Facing Control System Alert", ISSSource.com, June 2012
  • "Setting Up Stateless Firewall", ISSSource.com, May 2012
  • "The Stuxnet Effect on Cybersecurity", Automation World, April 2012
  • “Why SCADA Firewalls Need to be Stateful”, Tofino Security, April 2012 “The Stuxnet Effect on Cybersecurity”, Automation World, April 2012
  • "SCADA Firewalls Need to be Stateful", ISSSource.com, April 2012
  • "Data Diode Devices Secure Systems", ISSSource.com, January 2012
  • "Is Stuxnet Dead? A Look at Cyber Security and Industrial Control Systems", Flow Control, January 2012
  • "Control Systems on Alert", ISSSource.com, December 2011
  • "ICS Threat Brewing: Target Unclear", ISSSource.com, October 2011
  • "SCADA Firms Suffer Vulnerabilities", ISSSource.com, September 2011
  • "Siemens PLC Analysis Report", ISSSource.com, August 2011
  • "Siemens PLC Security Alert", ISSSource.com, July 2011
  • "Summit: For End Users Security 101", ISSSource.com, June 2011
  • "Summit: Analyzing Stuxnet with Siemens", ISSSource.com, June 2011
  • "SCADA Patch Validated", ISSSource.com, May 2011
  • "New SCADA Warning from CERT", ISSSource.com, May 2011
  • "Paranoia Means Better Security", ISSSource.com, May 2011
  • "Vulnerabilities Lead to Easy Attack", ISSSource.com, May 2011
  • "Antidote for Stuxnet-like Attacks Hits Market", ISSSource.com, April 2011
  • “Analysis of the ICONICS GENESIS Security Vulnerabilities for Industrial Control System Professionals”, Tofino Security, March 2011
  • "Breaking Down Firm's SCADA Vulnerabilities", ISSSource.com, March 2011
  • “Analysis of the 7-Technologies IGSS Security Vulnerabilities for Industrial Control System Professionals”, Tofino Security, March 2011
  • "SCADA Vulnerabilities for 7-Technologies", ISSSource.com, March 2011
  • “How Stuxnet Spreads: A Study of Infection Paths in Best Practice Systems”, Tofino Security, February 2011
  • “Stuxnet Video: Mitigation Strategy Outlined”, ISSSource.com, December 2010
  • “Stuxnet Mitigation: Defense in Depth Needed”, ISSSource.com, November 2010
  • “Cyber Defenders, Attackers Probe Stuxnet’s Secrets”, Reuters, October 2010
  • "New Video Shows Stuxnet Infecting System", ISSSource.com, October 2010
  • “Stuxnet worm: Private security experts want US to tell them more”, Christian Science Monitor (CSMonitor.com), September, 2010
  • “Stuxnet: Best Practice to Secure Industrial Control Systems”, Industrial Ethernet Book, November 2010
  • “Stuxnet: Plan Needed for Prevention, Mitigation”, ISSSource.com, September 2010
  • “Stuxnet is a ‘Weapon’”, ISSSource.com, September 2010
  • “Control Systems, Oh No … Not Again!”, ControlGlobal.com, April 2010
  • “Proper Planning Minimizes Automation Project Risk”, Control Engineering, September 2009
  • “Effective Communications Help Integration Projects Succeed”, Control Engineering, April 2009

Technical Papers and Conference Presentations

All Technical Papers and Conference Presentations have been moved to a "Members Only" portion of the website. These documents will continue to be available to the public upon completion of a simple site registration which can be completed by clicking the "Register" link at the top of the right-hand sidebar.

  • “Can you hear me now? Standing up a SEM for Industrial Control Systems", Industrial Control Systems Joint Working Group (US-DHS, ICS-CERT), Indianapolis, IN, June 2014
  • “Applying Risk Management to Industrial Security", Public Safety Canada, SCADA and ICS Security Workshop, Halifax, Nova Scotia, March 2014
  • “IT-OT Integration: We know it's Secure, but is it Safe?", Industrial Control Systems Joint Working Group (US-DHS, ICS-CERT), Rockville, MD, November 2013
  • “Cyber Security, Industrial Control Systems, and Critical Infrastructure", InfraGard Midwest Super Conference, Wisconsin Dells, WI, May 2013 
  • “Strategies to Improve Cyber Threat Resilience”, Singapore, April 2013
  • “A Look at the Real Cyber Security Risks to ICS: Let’s Hack a Control System!”, Public Safety Canada, SCADA and ICS Security Workshop, Toronto, November 2012
  • “Are you as (Safe and) Secure as you Think??? A Look at the Current Threat Landscape and its Impact on Industrial Manufacturing Facilities”, Public Safety Canada, SCADA and ICS Security Workshop, Toronto, November 2012
  • “Are you as (Safe and) Secure as you Think??? A Look at the Current Threat Landscape and its Impact on Industrial Manufacturing Facilities”, McAfee Global Industrial Control Security Forum, Calgary, October 2012
  • "Using IP Addressing Schema for Network Isolation", Industrial Control Systems Joint Working Group (US-DHS, CSSP), Denver, CO, October 2012
  • "A Look at the Real Cyber Security Risks to ICS: Control Systems and the Next Generation of Cyber Attacks", E&P Tech: Data Management and Information Access Forum, Aberdeen, Scotland, June 2012
  • "Introduction to Cyber Security for Industrial Control Systems: There's a lot more to this than you think!!!", The Automation Conference, Chicago, IL, May 2012
  • "A Look at the Real Cyber Security Risks to ICS: Control Systems and the Next Generation of Cyber Attacks", The Automation Conference, Chicago, IL, May 2012
  • "Network Architecture & Active Directory Considerations", ISA Safety and Security Symposium, Anaheim, CA, April 2012
  • "Have you done enough with Cyber Security?", OSIsoft 2012 Users Conference, San Francisco, April 2012
  • "A Look at the Real Cyber Security Risks to ICS: Control Systems and the Next Generation of Cyber Attacks", Public Safety Canada, Control Systems Workshop, Montreal, Quebec, January 2012
  • "Network Architecture & Active Directory Considerations for the PI System", OSIsoft vCampus Live, San Francisco, CA, November 2011
  • "How Stuxnet Spreads", OSIsoft vCampus Live, San Francisco, CA, November 2011
  • "A Look at the Real Cyber Security Risk to ICS", SMI Oil & Gas Cyber Security Forum, London, UK, November 2011
  • "Implementing a Network Behavior-based Intrusion Detection System for Control System Networks", Industrial Control Systems Joint Working Group (US-DHS, CSSP), Long Beach, CA, October 2011
  • "Control Systems Under Attack: Why we need cyber security", Congress on Audit Effectiveness, Bogota, Columbia, October 2011
  • "A Look at the Real Cyber Security Risks to ICS: Critical Infrastructure, Control Systems and the Next Generation of Cyber Attacks", Digitware Security Trends Meeting, Bogota, Columbia, October 2011
  • "A Look at the Real Cyber Security Risks to ICS: Control Systems and the Next Generation of Cyber Attacks", PI North America General Assembly, Scottsdale, October 2011
  • "Preparing for Stuxnet II: Control Systems and the Next Generation of Cyber Attacks", SCADA [in]Security, Malaysia, July 2011
  • "A Stuxnet Primer: Understanding the technology behind the world's most sophisticated cyber worm", SCADA [in]Security, Malaysia, July 2011
  • "Think Like a Hacker", SCADA [in]Security, Malaysia, July 2011
  • "Implementing a Network Behavior-based Intrusion Detection System for Control System Networks", Siemens Automation Summit, Orlando, June 2011
  • "How Stuxnet Spreads - A Look at Infection Paths in Best Practice Systems", Siemens Automation Summit, Orlando, June 2011
  • "Preparing for Stuxnet II: Is your infrastructure safe?", Cyber Defense: Analyzing Global Cyber Threats, Istanbul, Turkey, May 2011 
  • "Preparing for Stuxnet II: Is your refinery safe?", Central States Refining Conference, Hollister, MO, May 2011
  • "How Stuxnet Spreads - A Look at Infection Paths in Best Practice Systems", Industrial Control Systems Joint Working Group (US-DHS, CSSP), Dallas, TX, May 2011
  • "Exploitation 101: Turning a SCADA Vulnerability into a Successful Attack", Industrial Control Systems Joint Working Group (US-DHS, CSSP), Dallas, TX, May 2011
  • "How Stuxnet Spreads - A Brief Look at Infection Paths in Best Practice Systems", Mile High Industrial Automation Conference, March 2011
  • “Defense-in-Depth Strategies for Open, Secure Remote Access to Control Systems Networks”, Industrial Control Systems Joint Working Group (US-DHS, CSSP), October 2010
  • “Incorporating Cyber Security into the Execution Methodology of Automation Projects”, ISA Automation Week, October 2010
  • “Providing Secure, Remote Connections to an Analyzer Network”, Siemens 2010 Automation Summit, June 2010
  • “Incorporating Cyber Security into the Execution Methodology of Automation Projects”, 53rd Annual ISA Power Industry Division Symposium, June 2010
  • “Securing the Analyzer Network – Working with OPC-ADI”, 55th Annual Symposium of the ISA Analysis Division, April 2010
  • “An Introduction to the ISA-99 Standards: Cyber Security for Industrial Automation and Control Systems”, ISA Edmonton Conference, April 2010
  • “Incorporating Cyber Security into your Automation Project’s Execution Methodology”, Industrial Control Systems Joint Working Group (US-DHS, CSSP), April 2010
  • “Security for Industrial Automation & Control Systems”, Mile-High Industrial & Automation Conference, April 2010
  • “Security for Industrial Automation and Control Systems: An Introduction to ISA-99”, Siemens Answers for Industry Seminar, October 2009
  • “Developing Your Own Cyber Security Management System”, Siemens Answers for Industry Seminar, July 2009
  • “Implementing a High-Resolution Time Synchronization Solution”, Yokogawa User Conference, May 2009

ICS-CERT Attribution

Committee/Industry Membership

  • ISA-84 Standard Committee, “Process Safety”, Information Member
  • ISA-87 Standard Committee, “In-Line Sensors”, Information Member
  • ISA-99 Standard Committee, “Security for Industrial Automation and Control Systems”, Voting Member
  • Industrial Control System Joint Working Group (ICSJWG), U.S. Dept. of Homeland Security (DHS), Control System Security Program (CSSP) - Workforce Development & Vendor work groups
  • InfraGard - Board of Directors - Milwaukee Chapter

From the SCADAhacker blog ...

Subscribe to RSS headline updates from:
Powered by FeedBurner

SCADASec News