AppTrust GridTrust TSS


Securing the Smart Grid

FYRM Associates, an information security professional services organization, announced that Securing the Smart Grid, co-authored by Tony Flick, Principal, has officially been released by publisher Syngress.

Smart Grids are the future of energy. By creating networks from power plant to home, utility companies will be able to regulate power consumption making sure that consumers are receiving the amount that is needed, no more or less. While this new use of networking technology and unique applications such as smart meters will help to conserve energy it also opens up a pipeline, that was regulated manually, into the computer world of interconnected networks. The infrastructure that is being built will need to have robust security as an attack on this network could create chaos to tens of thousands of power consumers, stop a utility company in its tracks, or be used in a cyberwar.

Securing the Smart Grid takes a look at grid security today, how it is developing and being deployed into now over 10 million households in the US alone. Direct attacks to smart meters as well as attacks via the networks will be detailed along with suggestions for defense against them. A framework for how security should be implemented throughout this growing system will be included directing security consultants, and system and network architects on how to keep the grid strong against attackers big and small.

  • Details how old and new hacking techniques can be used against the grid and how to defend against them
  • Discusses current security initiatives and how they fall short of what is needed
  • Find out how hackers can use the new infrastructure against itself


Tony Flick Returns as Presenter at DEF CON 18

Tony Flick, Principal, will be presenting at the DEF CON 18 security conference in Las Vegas. This will be Mr. Flick's second time presenting at the DEFCON conference. This year's presentation "Getting Social with the Smart Grid" will build off his previous presentations on the Smart Grid and will feature the release of a new security model.

Littered with endless threats and vulnerabilities surrounding both social networking and the Smart Grid, the marriage of these two technologies is official, despite protests by the security community. Consumers love it because they can brag to their friends about how green they are. Businesses love it more because it provides fresh material for their marketing departments. Hackers love it the most because it opens up attack vectors, both new and old.

During this presentation we dissect readily available social Smart Devices, examining where they get things right, and where they fail. We expand on the failures, discussing and demonstrating attacks against consumers (think PleaseRobMe.com), the Smart Devices themselves, and the social networking sites they communicate with. We want consumers, device manufactures, and social networking sites to understand how to get social with the Smart Grid securely, and prevent social networking privacy from becoming even more complex. The tools we release during this presentation will allow consumers to review their Smart Devices’ social footprint, and provide device manufacturers with recommendations that can be implemented immediately. Attendees will leave our presentation armed with a deep understanding of the strengths and weaknesses of social Smart Devices, how to attack their current weaknesses and leverage their current strengths, and utilize our tools to further research how we all can better secure the social side of the Smart Grid.


Tony Flick to Present at ShmooCon 2010

Tony Flick, Principal, will be presenting at the ShmooCon 2010 security conference. Mr. Flick will be presenting "Stealing Guests... The VMware Way."

During this talk, we'll reveal how to steal VMware guests from within other guests using the vulnerability we identified in CVE-2009-3733. Quick and dirty... we'll discuss how we stumbled upon the vulnerability, determined its capabilities, and its potential implications to virtualization...complete with a live demonstration. Bring your own notebook for hands-on goodness.


Black Hat USA and DEFCON 2009 Presentations

FYRM Associates representatives will present at both the Black Hat USA 2009 Briefings and DEFCON 2009. Tony Flick, Principal, will present at this year's Black Hat USA Briefings while both he and Matt Flick, Principal, will present at DEFCON 2009.

T. Flick will present "Hacking the Smart Grid" at both conferences and M. Flick will present an update to the Cross Site Scripting Anonymous Browser (XAB), released earlier this year at the Black Hat DC Briefings, at DEFCON.

More information on T. Flick's presentation is available on the Black Hat USA 2009 Briefings Speaker page:



Matt Flick to Present at Black Hat DC 2009

Tampa, FL: January 23, 2009 - FYRM Associates, an information security professional services organization, today announced that Matt Flick, Principal, will be presenting at this year's Black Hat DC. Mr. Flick will be presenting the "XSS Anonymous Browser" tool:

Current anonymous Internet browsing applications build dynamic routes using a network of willing hosts and layers of encryption along the route. The cross site scripting anonymous browser ("XAB") exploits vulnerable web sites/applications and victim browsers to build a network of drones. The intent of XAB is not to replace the current applications, such as Tor, but rather to provide an alternative that does not require willing participants and further stretches the functionality and intent of JavaScript and other browser technology.

More information on Mr. Flick's presentation is available on the Black Hat DC 2009 Briefings Speaker page:


home . about . services . events . tools . careers . contact . blog

FYRM Associates ©