Clear advice with a hacker mindset

The world around me and how Industrial Control Systems interact with it, fascinate me!

Where it all began

When I started high school, we started using a graphical calculator; a TI-83 Plus. It was a calculator with a big screen, the ability to plot graphs and support for programs in an assembly-like language.

The first program I wrote was to plot hyperbola/parabola and perform all relevant calculations needed for exams. Soon after I figured out that it was possible to allocate very large matrices in memory to consume all working memory, leaving the calculator unable to perform even basic calculations. It was a program (malware?), which I happily shared with some of my classmates before exams.

Where it went to from there

In my Embedded Systems bachelor, I continued enjoying programming small microcontrollers and designing hardware using low-level languages, such as C, C++ and VHDL. During my second year, I accidentally bricked a small microcontroller using a buffer overflow and my curiosity for breaking was sparked.

I continued my studies at the Technical University of Eindhoven (TU/e) in Information Security Technology. I always added Embedded System courses to every semester. For my master’s thesis, I found a field, on the intersection of Cyber Security and Embedded Systems: Industrial Control System (ICS) security.

At Deloitte, I found guidance for my master’s thesis about malware for ICS and after graduating I started working in the pentest team and the ICS team. Initially, I developed a (Siemens S7) ICS demo environment where trains are controlled and performed a lot of Web App & infrastructure pentests. After two years, I got more challenging tests, projects abroad and ICS assessments. When I became the technical lead of the ICS team, I created trainings, shared knowledge, improved the technical client-proposition and integrated Red Teaming approaches into ICS assessments. I even flew out for an ICS Incident Response project helping a multinational client securely restore production of one of their sites back to normal.

After almost 7 years, hacking 20+ industrial facilities on 4 continents and hundreds of IT networks and applications, I felt that I was ready for the next step in my career and joined Outflank.

My coolest project ever

My coolest projects have one thing in common: They were all huge industrial facilities. I’ve hacked some of the largest complex refineries, chemical and metal production facilities on the continent/world. I always found it fascinating to experience the beauty, immense size and complexity of these ICS sites. Learning about the network, processes and controls while hacking them was like a dream.

Dima knows about the bits and bytes of IT security.

Contact Dima

Need the whole team?

Maybe you need the whole team's experience.

Meet the team

Need help right away?
Call our emergency number

+31 20 2618996

Or send us an email and we'll get back to you as soon as possible