Critical Infrastructure Assessment Techniques to Prevent Threats & Vulnerabilities
MR. SHAKEEL ALI
10th International Conference on Software QA and Testing on Embedded Systems

Short Biography
• Security Enthusiast, Evangelist, and Researcher
• Founder - Cipher Storm Ltd, UK
• Founder - Ethical-Hacker.Net
• BackBox Linux Contributor - A next-generation penetration testing platform
• Web Application Security Consortium (WASC) Project - Threat Classification TC v2
• Book Publications:
  - BackTrack 4: Assuring Security by Penetration Testing (April 2011), Packt Publishing, ISBN: 1849513945
  - Cyber Security Standards, Practices and Industrial Applications: Systems and Methodologies (August 2011), IGI Global Publishing, ISBN: 1609608518

Agenda
• Embedded System Applications In ICS
• Historic Incidents - What have we learned?
• ICS Network Architecture - Possible Attack Vectors
• Vulnerabilities - Broad View
• Threats - Who is targeting ICS?
• Prevention Strategies and Recommendations
• Risk Management Checklist
• ICS Evaluation Criteria
• References and Additional Reading

Embedded System Applications In ICS
• Several types of Embedded Systems:
  - Supervisory control and data acquisition (SCADA)
  - Distributed control systems (DCS)
  - Programmable logic controllers (PLC)
  - Human Machine Interface (HMI)
  - Remote Terminal Units (RTU)
• Common Use:
  - Electrical power generation and distribution, Chemical plant, Water management, Manufacturing facility, Transportation, Telecommunication, Oil and gas production, Nuclear power plant, Pharmaceutical, Defense systems, Wind energy, etc.

Historic Incidents - What have we learned?
• January 2003, Davis-Besse Nuclear Power Plant, Ohio: the Slammer worm infected the whole network and disabled the safety monitoring systems.
• January 2005: a cyber attack knocked out the power supply in three cities north of Rio de Janeiro, Brazil, affecting tens of thousands of people.
• September 2007: a cyber attack caused major disruptions affecting more than 3 million people in dozens of cities in the Brazilian state of Espírito Santo.
• July 2010: the computer worm “Stuxnet” targeted Siemens industrial platforms (Siemens PCS7, WinCC and STEP7) running on Windows OS. It was the first of its kind to include a Programmable Logic Controller (PLC) rootkit.

Vulnerabilities - Broad View
• Easy to carry out sophisticated/multi-layered attacks
• Confidence in commercial software
• Interconnected, web-enabled systems on distributed networks
• Competitive energy market
• High performance & reliability requirements
• Control systems are inherently insecure
• Developed without security in mind
• Mostly with no firewall and intrusion detection capabilities
• Improper authentication controls
• Use of open protocols (ICCP / CIM / DNP3 / Modbus / Profibus), increased use of intelligent devices, and lack of encryption
• Insecure real-time OS at the control-processor level
• Remote access to these systems (dial-in modems, PC-Anywhere, FTP, etc.)
• Default vendor passwords (sometimes hardcoded into the firmware)
• Host machines that control SCADA/DCS systems (XWindows or ActiveX controls)
• Communications systems used to send control signals (wired and wireless) could be jammed or manipulated via spoofing and DoS attacks
• Proprietary operating systems (Windows, Unix, QNX, RTX, VxWorks)
• Access through corporate networks (application and network level attacks)
• Lack of communication within an operational organization

Threats - Who is targeting ICS?
• Hackers
  - Hackers come in many forms
  - Technically cognizant hackers with detailed knowledge of energy systems
• Cyber-terrorists
  - No known/public example of cyber-terrorism to date
  - Terrorist groups are constantly developing cyber attack capabilities
• Insiders
  - Employees with detailed knowledge
  - Disgruntled employees or ex-employees
• State-sponsored cyber warfare activists
  - Nation-states are actively developing cyber warfare capabilities
  - Resources, capabilities, knowledge, and competences of the control systems and technologies

Prevention Strategies and Recommendations
• Identifying Critical Risks
  - Develop business strategies to address control system vulnerabilities, threats, technology limitations, etc.
  - Information sharing platform for cross-sector attacks
  - Develop and implement strong encryption mechanisms
  - Regular assessment through SCADA Test Bed
• Legacy Systems Security
  - Developing security solutions
  - Long-term plan for legacy system development life cycle
  - Implement secure connection best practices
  - Security plan for incident response and recovery
• Security Tools
  - Develop an automated system for managing security alerts
  - Measurable security through metrics/standards
  - Identifying effective perimeter security solutions
• System Architecture
  - An integrated intrusion detection and prevention solution
  - Security test harness
  - Secure architecture with plug-and-play compatibility
• Staff Security Awareness
  - Decisions that may introduce vulnerabilities into management and control systems
• Background Checks
  - Regular checks on current employees, new hires, and contractors
• Establish a security perimeter
• Secure and minimize remote connections to control networks
• Secure and minimize local connections between corporate networks and control systems
• Implement strong access control
• Develop control system security policies and procedures
• Encrypt communications channels (SSL VPNs, SSH, PKI)
• Use one-way connections (diode firewall)
• Use dial-back modems, token-based authentication (e.g. RSA SecurID)
• Disable all the unnecessary applications, services, and ports
• Remove or change all default/vendor-supplied passwords (e.g. SNMP community strings)
• Develop security tools and technologies for real-time OS suitable for your control systems environment
• Conduct an in-depth control systems cyber security audit
• Embedded systems quality assurance through formal verification and validation
• Develop and maintain a BC/DR plan

Risk Management Checklist
• Identify critical functions and assets, and the impacts of their loss
• Identify what protects and supports the critical assets
• Evaluate and rank the potential threats and vulnerabilities
• Assess risk and determine priorities for asset protection
• Identify best mitigation strategies and their costs
• Initiate a security enhancement program
• Assist plant operators in identifying priorities for protecting energy infrastructure

ICS Evaluation Criteria
References and Additional Reading
• [1] SCADA Security Research Tools: http://www.digitalbond.com/tools/
• [2] Security Assessment Toolset: http://www.scadahacker.com/tools.html
• [3] Getting Started on ICS and SCADA Security
  - Part 1: http://www.tofinosecurity.com/blog/getting-started-ics-and-scada-security-part-1-2
  - Part 2: http://www.tofinosecurity.com/blog/getting-started-ics-and-scada-security-part-2-2
• [4] Security Advisories and Exploits
  - http://www.digitalbond.com/scadapedia/vulnerability-notes/
  - http://aluigi.altervista.org/adv.htm
  - http://www.scadahacker.com/vulndb/ics-vuln-ref-list.html
• [5] Jyostna, K., Padmaja, V. (2011). Secure Embedded System Networking: An Advanced Security Perspective. International Journal of Engineering Science and Technology (IJEST), 3 (5), 3854.

END OF PRESENTATION
