Recomendados
Más contenido relacionado
Destacado
Similar a Cyberattacks on a marine context (NATO Congress 2011)
Similar a Cyberattacks on a marine context (NATO Congress 2011) (20)
Último
Último (20)
Cyberattacks on a marine context (NATO Congress 2011)
- 1. A.P.T. Cyberattacks on a marine context Gutiérrez A. Corredera L.E.
- 2. Goal of the talk Identification of potential security flaws on a marine context using the most recent asset- oriented hacking techniques. Potential scenarios pirates could pursue targeting a vessel: 1- Compromised communications. 2- Malfunctioning/Sabotage of PLC systems 3- GPS precise fleet position discovering
- 3. Key concept A.P.T. (Advanced Persistant Threat): Refers to a group with both the capability and the intent to persistently and effectively target a specific entity. Advanced: Intelligence-gathering techniques Persistent: Not opportunistic Threat: Capability and Intent
- 4. Are sea pirates an A.P.T.? Persistent: Hijacking from early 90s. Threat: 53 ships on 2010 But...could they become Advanced?
- 5. Are sea pirates an A.P.T.? Persistent: Hijacking from early 90s. Threat: 53 ships on 2010 But...could they become Advanced?
- 6. Are sea pirates an A.P.T.? Persistent: Hijacking from early 90s. Threat: 53 ships on 2010 But...could they become Advanced?
- 7. Cyberattacks makes them Advanced Intelligence-gathering: Information Systems Intrusion Communications interception: Fake base station techniques Satellite Imaging: Google Maps, Bing...
- 8. Classic Cyberattacks: IP oriented Every device connected to the Internet has an IP address Basic steps of a “classical” Hacker (Not Persistent) IP ranges scan for listening services Target Characterization Investigate vulnerabilities and exploits
- 9. New Cyberattacks: Asset oriented Asset oriented search engine. Basic steps of a “Persistent” Hacker (Addressed to a certain target) Search for a concrete target in Shodan: e.g. Router Model Find exploit in Shodan So much faster and straightforward technique!
- 10. DEMO: Quick hacking session Search for USAL assets: hostname:usal.es Find vulnerable ones. (But be nice to them :) http://www.shodanhq.com
- 11. How all this apply to a marine context?
- 12. How all this apply to a marine context?
- 13. How all this apply to a marine context? http://www.zynetix.com/index.php?/solutions/maritime-gsm/
- 14. How all this apply to a marine context? http://www.zynetix.com/index.php?/solutions/maritime-gsm/
- 15. How all this apply to a marine context? http://www.zynetix.com/index.php?/solutions/maritime-gsm/
- 16. How all this apply to a marine context? http://www.zynetix.com/index.php?/solutions/maritime-gsm/
- 18. Potential security flaws Communications Intelligence Sabotage Interception gathering
- 19. Communications interception By Tsaitgaist [see http://commons.wikimedia.org/wiki/File %3AGsm_structures.svg for license], via Wikimedia Commons
- 20. Communications interception By Tsaitgaist [see http://commons.wikimedia.org/wiki/File %3AGsm_structures.svg for license], via Wikimedia Commons
- 21. Communications interception By Tsaitgaist [see http://commons.wikimedia.org/wiki/File %3AGsm_structures.svg for license], via Wikimedia Commons
- 22. Communications interception A5/x No real time. Look up tables Needs saved CUDA/GPUs Very costly Cryptoanalysis transmission. Fake base Micro BTS Close to the target Freq.inhibitor for 3G Less than 10k€ station openBSC, openBTS Cellphone Close to the target Motorola C123,155 baseband No GPRS by now OsMoComBB Less than 13$!!! modification Experimental
- 24. Potential security flaws Communications Intelligence Sabotage Interception gathering
- 25. Sabotage
- 26. Sabotage
- 27. Sabotage SCADA
- 28. Sabotage PLCs SCADA
- 29. Sabotage PLCs SCADA Water Treatment
- 30. Sabotage Stuxnet Very sophisticated. 4 Zero-days Deeply targeted at vulnerabilities. Extremely (Infects PLCs PLCs. 2 stolen digital expensive from FieldPGs) Spionage certificates. Needs a infection ScadaTrojans pathway to install a Inspired by Stuxnet (Infects PLCs but “Low cost” client side modified Cheaper from SCADAs) file. 3 Zero-days.
- 32. Potential security flaws Communications Intelligence Sabotage Interception gathering
- 34. Intelligence gathering Electronic Chart Display and Information System http://newdata.es/sistemas-de-navegacion-maritima/
- 36. Intelligence gathering A Vessel is usually part of the Internet..
- 37. Intelligence gathering A Vessel is usually part of the Internet.. And can be hacked as regular servers!
- 38. Intelligence gathering A Vessel is usually part of the Internet.. And can be hacked as regular servers!
- 39. Intelligence gathering A Vessel is usually part of the Internet.. And can be hacked as regular servers!
- 40. Intelligence gathering Internet connection. Depends on Asset oriented Computer. manufacturer’s Classic hacking Extremely cheap hacking security tools.
- 41. DEMO: Quick assets oriented search session Membrane Biological Reactor, Merchant Vessels, Worldwide Control system solution comprises: Siemens S7-300 PLC with MP HMI and S7-200 PLC based control systems and networking for the water treatment systems. Search for Maritime related assets: Zynetix MaritimeGSM, S7-300, advantech http://www.shodanhq.com
- 42. Conclusions Pirates should be considered an APT. They could virtually use Cyberattacks to hijack vessels more easily. Complex Cyberattacks are more and more affordable. A ship may become practically speaking an Internet node with all its risks (should be managed). Let’s be in the look out!
- 43. THANK YOU! {alberto,luisenrique}@flagsolutions.net Twitter: @albertoflag , @lencorredera
- 44. THANK YOU! {alberto,luisenrique}@flagsolutions.net Twitter: @albertoflag , @lencorredera
Notas del editor
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n