The Changing Threat Surface in. Embedded Computing. Riley Repko. Vice President, Global Cyber Security Strategy

Size: px

Start display at page:

Download "The Changing Threat Surface in. Embedded Computing. Riley Repko. Vice President, Global Cyber Security Strategy"

Edgar Allen
8 years ago
Views:

1 The Changing Threat Surface in Embedded Computing Riley Repko Vice President, Global Cyber Security Strategy

2 Embedded Computing History First embedded system was the Apollo Guidance Computer First integrated circuit-based computers First alphanumeric/keypad user interface Designed by Charles Stark Draper at the MIT Instrumentation Laboratory Program was responsible for reducing the price of NAND gate integrated circuits from $1000 each to $3 each Enabled commercialization of embedded computers 2

Stark Draper at the MIT Instrumentation Laboratory Program was responsible for reducing the price

3 Embedded Computing History (2) 1970s: First microprocessor (Intel 4004) designed originally for calculators 1980s: First microcontroller (Intel 8742) integrated memory into the same chip to simplify application in embedded systems It became more cost effective to use digital controls (e.g. Intel 4004 buttons) rather than analog controls (e.g. knobs) By 1980s embedded computing had become a mainstream component of consumer electronics Intel

embedded systems It became more cost effective to use digital controls (e.g. Intel 4004 buttons) rather than analog controls (e.

5 Modern Embedded Systems Pacemaker

6 Thermostat Cutlery Toys Power Grid 4 How is the Threat Surface Changing? Embedded systems are becoming much more complex Moore s law allows systems to be much more capable Allows developers to leverage third party libraries with less concern over meeting real-time

7 operating system (RTOS) timing constraints Integration of network and graphical user interfaces Opportunities for supply chain attacks and software bugs in more complex systems Internet of Things Internet connection for consumer electronics Lack of security on interfaces Rapid innovation without security standards Vulnerable AND connected to the Internet 5

systems Internet of Things Internet connection for consumer electronics Lack of security

8 Threat Model vs. Threat Surface Adversary System Policy Gaps Goals Policies Exploits T T h h r r e e a a

9 Adversary t t Implementation System Security S M u Capabilities o r Flaws Mechanisms f d a e c l e System Security Adversary Gaps in Detection Vulnerabilities Detection and

10 Accesses and Remediation Remediation Rate of Change Need to Better Increasing Manage 6

11 Security Best Practices To date security has focused on achieving security through compliance Most recent/famous example is the SANS Institute top 20 security controls Goal: If you comply with the security controls then your threat surface is manageably small

is the SANS Institute top 20 security controls Goal: If you

12 Problem: does not take into consideration the threat model May be overkill (unnecessarily expensive to implement) May be too little (insufficiently effective against nation-state APTs) 7

13 Failure of Security Mechanisms 8 Changing Landscape Executive Order issued in 2013 seeks to secure US critical infrastructure against increasing threat Critical infrastructure relies on a mixture of:

14 Information Technology (IT): standard computers and networks that can be secured using conventional security tools Operational Technology (OT): embedded and proprietary computers and networks that currently lack tools to effectively secure their operations The NIST Cybersecurity Framework provides a framework in which to consider cybersecurity New emphasis on risk-based approaches to cybersecurity Compliance-based approaches using best practices should provide an 80% solution but need to be customized based on the threat model Measure indicators of cybersecurity risk to assess whether security is getting better or worse 9

which to consider cybersecurity New emphasis on risk-based approaches to cybersecurity Compliance-based approaches using best practices should provide an 80%

15 10 How is the Threat Model Changing? Industrial Control Systems (ICS) is increasingly targeted Why? New frontier for hackers as modern operating systems make hacking traditional IT targets more

16 difficult and less interesting More devices are connected to the Internet increasing opportunity Interest from nation-state actors and hactivists in being able to cause infrastructure outage No expectation of immediate use of vulnerabilities other than to demonstrate capabilities to adversaries Arms race for vulnerability development against ICS Combination of increased hacker interest and increased vulnerability leads to significant increase in risk 11

vulnerabilities other than to demonstrate capabilities to adversaries Arms race for vulnerability development

18 Embedded System Risk Pacemakers Automotive UAV Hijacking Smart Meters Appliances 12

19 Bad Actors Ellyne Phneah, China main source of cyberespionage attacks in 2012, ZDNet, April

22 What Do We Do? 1. Hybrid strategy of compliance (best practices) and risk-based metrics to assess whether security is getting better or worse 5. Update security policies and 2. Integration of existing IT defensive countermeasures security tools and OT security based on threats to ensure (yet to be developed in most closed-loop process cases) tools to protect networks 4. Formulation of new approaches to attack response

23 3. Integration of traditional IDS and digital forensics to cope monitoring and new IDS-like with threats in ICS tools relevant to OT networks environments Need environment-relevant IT security tools Need new OT tools for Protect/Detect/Respond Need new environment-relevant approaches to risk management 14

24 ISA-99 Standards for Control Systems 15 Chemring Focusing on products and services to address the OT security gap, integrating across the entire NIST

25 CSF Partnering with companies to mature technologies for addressing OT security gaps in protection, detection, and response Partnering with companies to provide threat identification and recovery services Contact Riley Repko VP Global Cybersecurity Strategy 16

Risk Management in Practice A Guide for the Electric Sector

Risk Management in Practice A Guide for the Electric Sector Annabelle Lee Senior Technical Executive ICCS European Engagement Summit April 28, 2015 Before we continue let s get over our fears and myths