[CLASS 2014] Palestra Técnica - Samuel Linares

•

0 recomendaciones•649 vistas

Título da Palestra: Ligando proteção da infraestrutura crítica e segurança cibernética industrial: Existe uma Cyber-Tsunami na espera?

Tecnología

1
Linking Critical
Infrastructure Protection
and Industrial
Cybersecurity: Is there a
Cyber-Tsunami in waiting?
Samuel Linares
Industrial Cybersecurity Center (CCI)
Director

1957 Andreanof Islands EarthquakerMw9.1
1960 Chile Great EarthquakeMw9.5
Earthquake Research Institute, University of Tokyo
1964 Alaska EarthquakeMw 9.2
1952 Kamchatka EarthquakeMw9.0
2011 East Japan Great EarthquakeMw 9.0
2004 Indian Ocean EarthquakeMw9.0
2010 Chile EarthquakeMw8.8

Physical & CyberWorlds Convergence
Consequences: Intangible
Web Portal unavailable
No email
Consequences: Tangible, Concrete
Production Losses
Environmental Damages
Public Health
Lower Company Valuation

8
Convergence
IT in the Industrial World

IT in the Industrial World
Industrial Control
Systems are NOT
isolated anymore.
They have moved
Industrial devices have inherited
all problems from IT
from using
dedicated serial
lines to Ethernet or
WiFi
Now, most of
industrial protocols
are running over
TCP/IP
Industrial Control
Systems use general
purpose operating
systems

10
Different Cultures
Convergence
IT in the Industrial World

Plant vs IT vs Security
Plant / IT Conflict:
– “Watertight” environments. “Don’t get
into my lot, and I won’t into yours”
–Attention is not paid to communication
interfaces between both worlds
– Connection interfaces are no man’s land,
and many times, unknown (others
WWW… Wild Wild West ☺)

12
¿Security?
Different Cultures
Convergence
IT in the Industrial World

SECURITY
¿Cyber Security?
Physical Security
Industrial Safety
Environmental
Safety

Project Basecamp
SCADA Security
Scientific
Symposium (S4)

18
Project Robus: Master Serial Killer
• Objective: Analysis of Implementation of
Industrial Protocols (First: DNP3)
• DNP3: 15 advisories, 28 tickets reported
• Fuzzing techniques
• All devices analyzed vulnerables: only 2 ok!
• Implementaciones se limitan a garantizar
funcionalidad, pero no la seguridad
• Hundreds of thousands vulnerable devices:
much of them connected to Internet

Smart Grid and
Internet of Things are coming…
19

Internet of Things
Internet de las Cosas

22
Cybersecurity
Strategies and Regulations

European Cyber Security Strategy
CYBERSECURITY
FRAMEWORK
CIP Regulations

Shodan (www.shodanhq.com)
• Internet search engine that indexes internet-connected
services response (FTP, SSH, Telnet,
HTTP, HTTPS, SNMP, uPNP, SMB…)
• Provide cccess to millions of Internet-connected
devices

Project SHINE
SHodan INtelligence Extraction
Internet-facing
Industrial Systems +2.000.000
Located in
United States 30%
ISP’s Dynamic
Addresses 80%

35
Who's Really Attacking
our ICS Devices?

• ONLY attacks that were targeted
• ONLY attempted modification of
pump system
• ONLY attempted modification via
Modbus/DNP3
• DoS/DDoS were considered attacks
Kyle Wilhoit
(Trendmicro)

R
Collaboration
Commitment Coordination
“C3R: Collaboration, Coordination and Commitment based
Relationships”

Industrial Cyber Security
Tsunami is here…
Will you keep
watching?
Thank you
Samuel Linares - @infosecmanblog – samuel.linares@cci-es.org

Más contenido relacionado

La actualidad más candente

Scada security presentation by Stephen Miller

AVEVA

SCADA Security Presentation

Filip Maertens

This presentation explains the ANSI/ISA-99 and IEC 62443 standards for industrial control systems (ICS). It describes the Zone and Conduit security model and how it is used in an plant or factory. As well, the issues of security configuration errors are discussed. A case history of zone security deployment for a Safety Integrated System in a refinery is provided. For additional information see www.tofinosecurity.com.

ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)

Byres Security Inc.

Should I Patch My ICS?

Digital Bond

Every time a new information technology finds its way into production, it seems as though we end up repeating the same process – security vulnerabilities will be discovered and disclosed in that technology, and users and vendors will deny that the risks are significant. Only after major attacks occur do we really start to see efforts to address the inherent risks in a systematic way. We’re falling into this exact same trap again with Industrial Control and SCADA systems, but in this case the problem is worse, because the inherent nature of control systems prevents us from applying many of the strategies that have been used to protect other kinds of computer networks. Join Lancope’s Director of Security Research, Tom Cross, for a look at the five stages of grief that organizations seem to pass through as they come to terms with security risks, and how far we’ve come regarding Industrial Control Systems. Hear about: The state of Control Systems security vulnerabilities Attack activity that is prompting a change in perspective The unique, long-term challenges associated with protecting SCADA networks How anomaly detection can play a key role in protecting SCADA systems now

SCADA Security: The Five Stages of Cyber Grief

Lancope, Inc.

Cybersecurity in Industrial Control Systems (ICS)

Joan Figueras Tugas

The Department of Homeland Security (DHS) has become more concerned with cyber attacks on infrastructure such as supervisory control and data acquisition (SCADA) systems. An attack in Iran has proven that the landscape of cyber warfare is continually evolving. As the SCADA systems are the systems that autonomously monitor and adjust switching among other processes within critical infrastructures such as nuclear plants, and power grids DHS has become concerned about these systems as they are unmanned frequently and remotely accessed. A vulnerability such as remote access could allow anyone to take control of assets to critical infrastructure remotely. There has been increasing mandates, and directives to ensure any system deployed meets stringent requirements. As the Stuxnet worm has become a reality, future attacks could be malicious code directly targeting specific locations of critical infrastructure. This paper will address methods to protect infrastructure from cyber attacks using a hybrid of certification & accreditation (C&A) processes and information assurance (IA) controls.

Protecting Infrastructure from Cyber Attacks

Maurice Dawson

S C A D A Security Keynote C K

Narinrit Prem-apiwathanokul

Critical Infrastructure Security Talk At Null Bangalore 13 Feb 2010 Sundar N

null The Open Security Community

ICS Security 101 by Sandeep Singh

OWASP Delhi

S4xJapan Closing Keynote

Digital Bond

DTS Solution - SCADA Security Solutions

Shah Sheikh

Guide scada and_industrial_control_systems_security

Deepakraj Sahu

Nist 800 82 ICS Security Auditing Framework

MarcoAfzali

The presentation covers assessment, implementation methodology, and current level of success for addressing four key objectives which are protecting the controls fieldbus (networks) from untrusted networks (domain), secure and safe remote support capability from both inside and outside of the company, control supplier access to manufacturing equipment when onsite, and protect manufacturing systems from Malware and intrusion. This system isn’t theoretical, it’s in broad use and full critical production. If the time and connectivity is available a quick remote access demonstration can be given. The presentation will wrap up with a series of thoughts and ideas that occur to me regarding security in general as I listen to other organizations and groups talking about various security needs and activities.

ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...

Digital Bond

2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...

Eran Goldstein

Securing SCADA

Jeffrey Wang , P.Eng

Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...

Honeywell

Securing Critical Iot Infrastructure, IoT Israel 2014

iotisrael

IEC and cyber security (June 2018)

International Electrotechnical Commission (IEC)

La actualidad más candente (20)

Scada security presentation by Stephen Miller

SCADA Security Presentation

ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)

Should I Patch My ICS?

SCADA Security: The Five Stages of Cyber Grief

Cybersecurity in Industrial Control Systems (ICS)

Protecting Infrastructure from Cyber Attacks

S C A D A Security Keynote C K

Critical Infrastructure Security Talk At Null Bangalore 13 Feb 2010 Sundar N

ICS Security 101 by Sandeep Singh

S4xJapan Closing Keynote

DTS Solution - SCADA Security Solutions

Guide scada and_industrial_control_systems_security

Nist 800 82 ICS Security Auditing Framework

ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...

2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...

Securing SCADA

Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...

Securing Critical Iot Infrastructure, IoT Israel 2014

IEC and cyber security (June 2018)

Destacado

Cyber Security for Critical Infrastrucutre-ppt

Mohit Rampal

DocomUSA Cyber Security

docomusa

DocomUSA Security

docomusa

Introduction to National Critical Infrastructure Cyber Security: Background a...

Jack Whitsitt

Industrial Cybersecurity and Critical Infrastructure Protection in Europe

Positive Hack Days

NIST Cybersecurity Framework Background and Review | Jack Whitsitt

Jack Whitsitt

NIST CyberSecurity Framework: An Overview

Tandhy Simanjuntak

Destacado (7)

Cyber Security for Critical Infrastrucutre-ppt

DocomUSA Cyber Security

DocomUSA Security

Introduction to National Critical Infrastructure Cyber Security: Background a...

Industrial Cybersecurity and Critical Infrastructure Protection in Europe

NIST Cybersecurity Framework Background and Review | Jack Whitsitt

NIST CyberSecurity Framework: An Overview

Similar a [CLASS 2014] Palestra Técnica - Samuel Linares

Introduction to Internet of Things (IoT)

Francesco Felicetta

2014 Cabling Installation & Maintenance: The Strange Physical World of Indust...

METZ CONNECT USA Inc.

PROFINET - The backbone of IIoT. IOT, IIOT, Industrie 4.0 are becoming popular topics of conversation, but what do they mean and where does PROFINET fit into the equation? This presentation will try to explain this and provide a clearer idea of the benefits of using PROFINET as part of an overall move towards these concepts, collectively known as the 4th Industrial Revolution. BIOGRAPHY Peter Thomas is a Process Control and Automation Engineer with Control Specialists Ltd. He is Chairman of the PROFIBUS & PROFINET International Training Centre (PITC) Workgroup and is a member of the PROFIBUS UK Steering Committee.

Profinet and the Industrial Internet of Things (IIoT) - Peter Thomas - Sept ...

PROFIBUS and PROFINET InternationaI - PI UK

Today, there are more than 31 billion Internet of Things (IoT) devices connected to the Internet. These devices range from simple sensors and actuators to smart equipment and appliances that have a huge impact on major industries such as manufacturing, transportation, healthcare and utilities. The vast amount of data collected from IoT device telemetry has also enabled advanced data analytics, and machine learning models that can give us better insights and make IoT smarter, giving rise to AIoT (AI + IoT) applications. With the pandemic situation likely to turn endemic, how will this impact the IoT landscape in Singapore? What are some of the key drivers and growth areas for IoT?

IoT Landscape and its Key Trends in Deployment

Vincent Lau

2012 02 14 Afcom Presentation

Eric Gallant

Conférence ENGIE ACSS 2018

African Cyber Security Summit

Mike McBride will provide a look at the Industrial IoT (IIoT) landscape and the OT/IT convergence. He will cover several use cases including healthcare, entertainment and smart buildings. He will cover the challenges IIoT networking faces with emerging technologies and how edge computing will provide increased performance, security and reliability. Mike will discuss the various Edge Computing standards & opensource forums along with proposed architectures. And Mike will present new solutions being proposed (ICN, slicing, Blockchain) to support the bandwidth, latency and security requirements within Industrial verticals. About the speaker: As Sr. Director of Innovation & Strategy, within Huawei's IP Network BU, Mike leads Industrial IoT, Edge Computing and IP/SDN architecture, standardization, and strategy across product lines and industry forums. He leads architecture and standardization activities within the IIc and BBF and has served as an IETF Working Group chair for 15 years. Mike has led emerging technology projects within opensource communities and played a key role in the formation of OPEN-O (Now ONAP). He is an Ericsson alum where he developed and directed SDN/NFV network architectures. And for many years with Cisco, Mike supported customers, worked in development teams and managed mobility, wireless and video projects across BUs. Mike began his career supporting customers at Apple Computer. He resides in Orange County, CA

Industrial IoT and OT/IT Convergence

Michelle Holley

Cybersecurity has become a critical concern for businesses across all industries as they increasingly rely on digital technology to operate. In the face of evolving cyber threats such as ransomware attacks, data breaches, and other types of cyberattacks, organizations need to implement robust cybersecurity measures to protect their sensitive data, intellectual property, and reputation. Effective cybersecurity in industry requires a proactive approach to identify and address vulnerabilities and threats, including implementing firewalls, encryption, and multifactor authentication. It is also important for organizations to provide cybersecurity training to their employees and to develop incident response plans to minimize the damage in the event of a cyber attack. Additionally, complying with relevant regulatory requirements, such as the General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA), is essential for maintaining customer trust and avoiding legal consequences. Ultimately, cybersecurity in industry is critical to maintaining the confidentiality, integrity, and availability of information and ensuring that businesses can continue to operate securely and efficiently in the digital age.

Cyber security and Industry.pptx

Sabahat Waheed

SCADA White Paper March2012

James Collinge, CISSP

Ο κ. Jan Kander, Sales Manager Ανατολικής Ευρώπης της Schneider Electric, παρουσίασε στην εκδήλωση Explore Innovation της Schneider Electric τις δυνατότητες που προσφέρει στη βιομηχανία μια σύγχρονη ολοκληρωμένη πλατφόρμα αυτοματισμού, ελέγχου και ασφάλειας εγκατάστασης που ενσωματώνει τεχνολογίες αιχμής και μακρόχρονη εμπειρία ποικίλων εφαρμογών, τόσο από την Ελλάδα όσο και από τον υπόλοιπο κόσμο.

Foxboro Evo DCS - Εκδήλωση Explore Innovation - Αθήνα, Ιούνιος 2016

Schneider Electric

Industrial Threats Landscape, H2'2017

Kaspersky

IoT_IO1_1 Introduction to the IoT-1.pdf

DanishMahmood23

Ot ics cyberattaques dans les organisations industrielles

Cisco Canada

What is next for IoT and IIoT

Ahmed Banafa

Power Grid Cybersecurity

OPAL-RT TECHNOLOGIES

The World's First Cyber Weapon - Stuxnet

Sean Xie

Cybersecurity for Control Systems: Current State and Future Vision pt.1

EnergySec

Internet of things startup basic

Mathan kumar

Nozomi Fortinet Accelerate18

Nozomi Networks

SYSTEM SECURITY - Chapter 1 introduction

Afna Crcs

Similar a [CLASS 2014] Palestra Técnica - Samuel Linares (20)

Introduction to Internet of Things (IoT)

2014 Cabling Installation & Maintenance: The Strange Physical World of Indust...

Profinet and the Industrial Internet of Things (IIoT) - Peter Thomas - Sept ...

IoT Landscape and its Key Trends in Deployment

2012 02 14 Afcom Presentation

Conférence ENGIE ACSS 2018

Industrial IoT and OT/IT Convergence

Cyber security and Industry.pptx

SCADA White Paper March2012

Foxboro Evo DCS - Εκδήλωση Explore Innovation - Αθήνα, Ιούνιος 2016

Industrial Threats Landscape, H2'2017

IoT_IO1_1 Introduction to the IoT-1.pdf

Ot ics cyberattaques dans les organisations industrielles

What is next for IoT and IIoT

Power Grid Cybersecurity

The World's First Cyber Weapon - Stuxnet

Cybersecurity for Control Systems: Current State and Future Vision pt.1

Internet of things startup basic

Nozomi Fortinet Accelerate18

SYSTEM SECURITY - Chapter 1 introduction

Más de TI Safe

CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...

TI Safe

CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...

TI Safe

CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...

TI Safe

CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...

TI Safe

CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...

TI Safe

CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...

TI Safe

CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...

TI Safe

CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...

TI Safe

CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...

TI Safe

CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...

TI Safe

Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...

TI Safe

CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...

TI Safe

CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...

TI Safe

CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...

TI Safe

CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...

TI Safe

CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...

TI Safe

CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...

TI Safe

Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...

TI Safe

Em 2020 o mundo experimentou uma situação inédita para a maioria dos seres humanos: uma pandemia global, provocada por um vírus desconhecido, que gerou mudanças significativas na vida de todos. No universo das empresas, foi observado um movimento de intensa digitalização de processos e adequação ao distanciamento social. Muitas delas, inclusive as indústrias, adotaram o trabalho remoto para seus colaboradores. Conforme as empresas adaptaram as suas operações, os criminosos também estabeleceram mudanças. São facilmente encontradas notícias relativas a golpes por email, WhatsApp e telefone. E com “chave de ouro”, 2021 foi aberto com o mega (ou seriaTera?) vazamento de dados de brasileiros, o que fornece mais combustível para esses golpes. O ICS-SOC (Centro de Operações de Segurança Cibernética Industrial, localizado no Rio de Janeiro) da TI Safe protege seus clientes contra ataques cibernéticos que possam afetar suas operações, fundamentais para a população e a cadeia de suprimentos do Brasil.Os dados de (milhões de) ataques de 2020, relativos a projetos desenvolvidos pela empresa, foram analisados para entender o aumento dos ataques em relação a 2019. Por uma questão de privacidade dos dados dos clientes, as informações serão apresentadas em percentuais.

Retrospectiva

TI Safe

Pacote TI Safe ONS Ready v1

TI Safe

Más de TI Safe (20)