
[CLASS 2014] Technical Talk - Samuel Linares


  1. Linking Critical Infrastructure Protection and Industrial Cybersecurity: Is there a Cyber-Tsunami in waiting? Samuel Linares, Industrial Cybersecurity Center (CCI) Director
  2. 1957 Andreanof Islands Earthquake Mw 9.1; 1960 Chile Great Earthquake Mw 9.5; 1964 Alaska Earthquake Mw 9.2; 1952 Kamchatka Earthquake Mw 9.0; 2011 East Japan Great Earthquake Mw 9.0; 2004 Indian Ocean Earthquake Mw 9.0; 2010 Chile Earthquake Mw 8.8 (Earthquake Research Institute, University of Tokyo)
  3. Changing Environment?
  4. Convergence
  5. Physical & Cyber Worlds Convergence. Consequences: Intangible (web portal unavailable; no email). Consequences: Tangible, Concrete (production losses; environmental damages; public health; lower company valuation)
  6. Convergence; IT in the Industrial World
  7. IT in the Industrial World: Industrial Control Systems are NOT isolated anymore. They have moved from using dedicated serial lines to Ethernet or WiFi. Industrial devices have inherited all problems from IT. Now, most industrial protocols are running over TCP/IP. Industrial Control Systems use general purpose operating systems
  8. Different Cultures; Convergence; IT in the Industrial World
  9. Plant vs IT vs Security. Plant / IT Conflict: – “Watertight” environments. “Don’t get into my lot, and I won’t get into yours” – Attention is not paid to communication interfaces between both worlds – Connection interfaces are no man’s land, and many times, unknown (others WWW… Wild Wild West ☺)
  10. Security?; Different Cultures; Convergence; IT in the Industrial World
  11. SECURITY: Cyber Security? Physical Security; Industrial Safety; Environmental Safety
  12. Stuxnet
  13. Stuxnet
  14. Project Basecamp & Project Robus
  15. Project Basecamp: SCADA Security Scientific Symposium (S4)
  16. Project Robus: Master Serial Killer • Objective: Analysis of Implementation of Industrial Protocols (First: DNP3) • DNP3: 15 advisories, 28 tickets reported • Fuzzing techniques • All devices analyzed were vulnerable: only 2 OK! • Implementations are limited to guaranteeing functionality, but not security • Hundreds of thousands of vulnerable devices: many of them connected to the Internet
  17. Smart Grid and Internet of Things are coming…
  18. Smart Grid
  19. Internet of Things
  20. Cybersecurity Strategies and Regulations
  21. European Cyber Security Strategy; CYBERSECURITY FRAMEWORK; CIP Regulations
  22. Shodan
  23. Shodan (www.shodanhq.com) • Internet search engine that indexes the responses of internet-connected services (FTP, SSH, Telnet, HTTP, HTTPS, SNMP, uPNP, SMB…) • Provides access to millions of Internet-connected devices
  27. Project SHINE (SHodan INtelligence Extraction). Internet-facing Industrial Systems: +2.000.000; Located in United States: 30%; ISP’s Dynamic Addresses: 80%
  28. Shodan Demo
  31. Who's Really Attacking our ICS Devices?
  32. • ONLY attacks that were targeted • ONLY attempted modification of pump system • ONLY attempted modification via Modbus/DNP3 • DoS/DDoS were considered attacks. Kyle Wilhoit (Trend Micro)
  33. …on the look-out
  34. “C3R: Collaboration, Coordination and Commitment based Relationships”
  35. Industrial Cyber Security Tsunami is here… Will you keep watching? Thank you. Samuel Linares - @infosecmanblog – samuel.linares@cci-es.org
