![AGENDA ,[object Object]](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
Recomendados
Más contenido relacionado
La actualidad más candente
La actualidad más candente (20)
Similar a Stuxnet - Formidable Cyber Weapon
Similar a Stuxnet - Formidable Cyber Weapon (20)
Último
Último (20)
Stuxnet - Formidable Cyber Weapon
- 1. STUXNET – THE FORMIDABLE CYBER WEAPON Sathish Kumar Rajeev Chaubey
- 3. Introduction to SCADA systems
- 8. Command and Control server communication
- 9. Stuxnet propagation methods
- 11. STUXNET BACKGROUND Stuxnet is a Windows computer worm discovered in July 2010. Targets industrial software and equipment. Its speculated that stuxnet was specifically designed to damageIran nuclear facilities and widely believed stuxnet introduced delay in Iran's Bushehr Nuclear Power Plant startup The first to include a programmable logic controller (PLC) rootkit.
- 12. STUXNET DAY BY DAY EVOLUTION
- 13. SUPERVISORY CONTROL AND DATA ACQUISITION
- 14. PLC – PROGRAMMABLE LOGIC CONTROLLER STUXNET SEEKS SPECIFIC MODELS S7-300 S7-400
- 15. PLC – SCAN CYCLE Read Input Execute program Diagnostics and communications Update output
- 17. STUXNET – INSTALLATION PROCEDURE
- 18. STUXNET – INFECTION ROUTINE FLOW
- 19. Stuxnet – C & C Server Communication
- 21. Security issues and mitigation techniques Security Information and Event Management systems Intrusion monitoring systems integrated with SIEM Implement “Extrusion Detection” Implement passive vulnerability scanners (PVS) on the control systems network
- 22. JUNIPER IDP SCADA SIGNATURES SCADA:DNP3:DISABLE-RESP - This signature detects attempts to stop unsolicited responses from devices. Attackers can prevent devices from sending alarms SCADA:DNP3:READ - This signature detects attempts by clients to read information from a Programmable Logic Controller (PLC). Attackers can use this information to plan future, more targeted attacks SCADA:DNP3:STOP - This signature detects attempts to stop a DNP3 server SCADA:DNP3:WARM-RESTART- This signature detects attempts to reinitialize a PLC or DNP3 server SCADA:MODBUS:LISTEN-ONLY -This signature detects attempts to force a Programmable Logic Controller (PLC) into listen-only mode, in which the PLC does not respond to request packets SCADA:MODBUS:DOS - This signature detects attempts to force a Programmable Logic Controller (PLC) to restart. The PLC is unavailable while powering on
- 23. STUXNET – THE FORMIDABLE CYBER WEAPON Q&A
- 24. STUXNET – THE FORMIDABLE CYBER WEAPON Thank you!
Notas del editor
- As part of the Q4 announcement group we are expanding our data center initiatives in 2 important ways, in line with our overall data center networking vision and strategy:1/ We are expanding our guidelines for designing next generation data center infrastructures, building on the foundations of our network simplification approach introduced in 2008 (simplifying the network, collapsing network tiers, virtualizing infrastructure elements, and simplifying management designs). We are expanding by delivering techniques for sharing network infrastructures with unique features, intelligence and scale, end-to-end based on Junos. And we are introducing a framework for delivering comprehensive and consistently managed security infrastructures for the cloud.2/ As detail to support delivering on the vision we are introducing 5 new security solution modules and associated best practices and implementation guidance to protect the critical information flows and assets associated with highly virtualized and distributed cloud data center networks.The rest of the presentation fills out information supporting these important announcements.