The Battlefield. critical infrastructure:



Similar documents
Cyber Threats Insights from history and current operations. Prepared by Cognitio May 5, 2015

Public Private Partnerships and National Input to International Cyber Security

Online International Interdisciplinary Research Journal, {Bi-Monthly}, ISSN , Volume-III, Issue-IV, July-Aug 2013

What legal aspects are needed to address specific ICT related issues?

Cyber Security Strategy of Georgia

Cybercrime Security Risks and Challenges Facing Business

Internet Safety and Security: Strategies for Building an Internet Safety Wall

Who Are The Enemies? What Can They Do?

Cyber security: Practical Utility Programs that Work

The Senior Executive s Role in Cybersecurity. By: Andrew Serwin and Ron Plesco.

UK Networks & Security An Overview. Dr Andrew Powell, ENISA Workshops on CERTs in Europe, 29 May 2008

Trends and Tactics in Cyber- Terrorism

Cyber Security Strategy for Germany

Certified Cyber Security Analyst VS-1160

Cyber Adversary Characterization. Know thy enemy!

TYPES, PREVALENCE, AND PREVENTION OF CYBERCRIME. Haya Fetais & Mohammed Shabana. Saint Leo University COM- 510

Network Instruments white paper

EEI Business Continuity. Threat Scenario Project (TSP) April 4, EEI Threat Scenario Project

NCS 330. Information Assurance Policies, Ethics and Disaster Recovery. NYC University Polices and Standards 4/15/15.

Ten Steps for Preventing a terrorist Attack

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist,

The trend of the Cyber Security and the efforts of NEC. December 9 th, 2015 NEC Corporation

Cyril Onwubiko Networking and Communications Group ncg.kingston.ac.

Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals

Cyber security Country Experience: Establishment of Information Security Projects.

CONSULTING IMAGE PLACEHOLDER

Threats and Attacks. Modifications by Prof. Dong Xuan and Adam C. Champion. Principles of Information Security, 5th Edition 1

Cyber Security Controls Assessment : A Critical Discipline of Systems Engineering

Cyber Threats in Physical Security Understanding and Mitigating the Risk

EXTREME CYBER SCENARIO PLANNING & ATTACK TREE ANALYSIS

CYBER SECURITY IN INDIA'S COUNTER TERRORISM STRATEGY

OCR LEVEL 3 CAMBRIDGE TECHNICAL

Disaster Recovery. 1.1 Introduction. 1.2 Reasons for Disaster Recovery. EKAM Solutions Ltd Disaster Recovery

Beyond Effective Security. The Art and Science of Business Continuity Planning

What You Should Know About Cloud- Based Data Backup

Chapter 4 Information Security Program Development

Roles and Responsibilities of Cyber Intelligence for Cyber Operations in Cyberspace

Security Information Management (SIM)

STATE OF CYBER SECURITY IN ETHIOPIA

Legal Issues / Estonia Cyber Incident

Business Continuity Planning (BCP) / Disaster Recovery (DR)

Bio-inspired cyber security for your enterprise

A SWOT ANALYSIS ON CISCO HIGH AVAILABILITY VIRTUALIZATION CLUSTERS DISASTER RECOVERY PLAN

Training Courses Catalog 2015

Security Type of attacks Firewalls Protocols Packet filter

SECURITY ASPECTS IN MOBILE AD HOC NETWORK (MANETS)

2 Gabi Siboni, 1 Senior Research Fellow and Director,

How Secure is Your SCADA System?

CYBER SECURITY IN INDIA

GCC Homeland Security in a New Order. Dr. Theodore Karasik Director of Research and Consultancy INEGMA. September 2013

Cyber/ Network Security. FINEX Global

HOW TO PREVENT DDOS ATTACKS IN A SERVICE PROVIDER ENVIRONMENT

Analytic and Predictive Modeling of Cyber Threat Entities J. Wesley Regian, Ph.D.

Capabilities for Cybersecurity Resilience

Are you prepared to be next? Invensys Cyber Security

DASTA Guide to Business Continuity (BC) and Disaster Recovery (DR) Planning

FlowMon. Complete solution for network monitoring and security. INVEA-TECH

National Cyber Security Month 2015: Daily Security Awareness Tips

Good Security. Good Business

Information Technology Cyber Security Policy

資 通 安 全 產 品 研 發 與 驗 證 (I) ICT Security Overview. Prof.. Albert B. Jeng ( 鄭 博 仁 教 授 ) 景 文 科 技 大 學 資 訊 工 程 系

Country Case Study on Incident Management Capabilities CERT-TCC, Tunisia

Hybrid Warfare & Cyber Defence

Adaptive IPS Security in a changing world. Dave Venman Security Engineer, UK & Ireland

Defending Against Data Beaches: Internal Controls for Cybersecurity

Course Title: HSE-101 Introduction to Homeland Security Prerequisites: None Credit Hours: 3 lectures, 3 hours

Security and Risk Analysis of VoIP Networks

U.S. DoD Physical Security Market

Managed Security Services

From Big Data to Rich Data How Data Analytics Add Value to Security Risk Management. Patrick Hennies, Rainer Rex 15th European ASIS, 04/08/2016

The FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED


Principle of Information Security. Asst. Prof. Kemathat Vibhatavanij Ph.D.

i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors

NCUA LETTER TO CREDIT UNIONS

Image credits: Front cover: U.S. Army photo by Sgt. Brandon Little, Task Force XII PAO, MND-B Inside back cover: U.S Army photo by Staff Sgt.

SECURITY CONSIDERATIONS FOR LAW FIRMS

Tunisia s experience in building an ISAC. Haythem EL MIR Technical Manager NACS Head of the Incident Response Team cert-tcc

Designing a security policy to protect your automation solution

Protecting Organizations from Cyber Attack

Oil & Gas Industry Towards Global Security. A Holistic Security Risk Management Approach.

CRITICAL INFRASTRUCTURE PROTECTION BUILDING ORGANIZATIONAL RESILIENCE

Cyber Warfare. Global Economic Crime Survey. Causes of Cyber Attacks. David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP. Why Cybercrime?

Cyber Security Operations Centre Reveal Their Secrets - Protect Our Own Defence Signals Directorate

Transcription:

CIP A Business View Rolf Schulz CEO Definition critical infrastructure: 1. Elements of a system that are so vital that disabling any of them would incapacitate the entire system. 2. [In security,] those physical and cyberbased systems essential to the minimum operations of the economy and government. [INFOSEC-99] Slide No.: 2 / Rolf Schulz / CEO / GNS GmbH / The Battlefield Slide No.: 3 / Rolf Schulz / CEO / GNS GmbH /

/ Rolf Schulz / CEO / GNS GmbH / Slide No.: 4 Base infrastructure Vulnerabilities Only major incidents, like Dam failure environmental causes engineering causes Natural disaster Earthquakes» Japan or West Coast USA flood disaster storms Sabotage Terrorism - large scale attacks ABC attacks War / Rolf Schulz / CEO / GNS GmbH / Slide No.: 5 Electrical Power Infrastructure Vulnerabilities Natural disaster same as to base infrastructure Sabotage Engineering causes Construction Work External, IT based attacks against control software (even via Internet) COTS commercial off the shelf software Terrorism - medium to small scaled attacks WAR Slide No.: 6 / Rolf Schulz / CEO / GNS GmbH / 2

Network Infrastructure Vulnerabilities Natural disaster same as to base infrastructure Construction Work!!!! 50% of Frankfurt City Net down due to a digger Sabotage 1999, the glass fiber cables of Lufthansa were cut by a unknown person. Terrorism - medium to small scaled attacks War Slide No.: 7 / Rolf Schulz / CEO / GNS GmbH / Generell Infrastructure Risk Who is the real owner of the infrastructure More and more Infrastructure is sold to foreign companies Glass fiber Power lines Telecommunication lines Water Reason : Savings Lease-Back No control on Hard- and Software And in an emergency case??? National impact??? Slide No.: 8 / Rolf Schulz / CEO / GNS GmbH / Transport Service Infrastructure Vulnerabilities IT Layer 2-4 attacks DoS, ARP-Spoofing, etc... Maintenance & Administration Broadcast Storm renders corporate network useless during main business hours wrong Port configuration on a switch Hardware Failure Interception of Services Slide No.: 9 / Rolf Schulz / CEO / GNS GmbH /

Service Layer Vulnerabilities IT Layer 5-7 attacks E.g. manipulation of data, attacks of e-commerce systems etc. (Global) DNS attacks Backdoors hostile programmers official backdoors Manipulation of Services Slide No.: 10 / Rolf Schulz / CEO / GNS GmbH / And the Enemy? Slide No.: 11 / Rolf Schulz / CEO / GNS GmbH / Security Quo vadis Hacker Internal risk Cyber crime InfoWar -- calculable and mostly- predictable, prevention possible hard to guess, best to cover with organizational measures prevention not really possible no prevention without support from the government Slide No.: 12 / Rolf Schulz / CEO / GNS GmbH /

The Hacker Hackers World Ordinary hacker very active, sometimes annoying, sometimes helpful Hacker by chance more than annoying, often dangerous he does not know, what he s doing Politically motivated hacker a worldwide problem not to be ignored. Professional hacker works accurately, mostly invisibly, a mercenary Organized crime hacker very dangerous, with company, high skilled Slide No.: 13 / Rolf Schulz / CEO / GNS GmbH / Internal Risks The employee A trusted person Lives from 8 to 5 no private background visible Anonym to his superior (Mostly) no background checks possible Often popular to his comrades Knows the company Knows the assets Knows all vulnerabilities The perfect Risk Slide No.: 14 / Rolf Schulz / CEO / GNS GmbH / Cybercrime Definition Cyber Crime refers to all the activities done with criminal intent in cyberspace or using the medium of Internet. These could be either the criminal activities in the conventional sense or activities, newly evolved with the growth of the new medium. Often combines traditional crime with IT related crime (blended attack) Mostly controlled by the organized crime Motivation Enrichment Terrorism Revenge Slide No.: 15 / Rolf Schulz / CEO / GNS GmbH /

C4I C4i means Command & Control, Communications, Computers and Intelligence or Information Warfare Military playground for IT related attacks Targets : infrastructure of a nation, society, community military infrastructure One goal is to destroy the critical infrastructure like energy, transport, communication, financial business, etc. by the use of IT related attacks. Examples are viruses, worms or DoS/DDoS attacks Another goal is to manipulate or destroy military structures like Command & Control or Communications Alongside the use of IT related attacks also weapons like EMPs or High Power Microwave (HPM) Systems will be part of the attack scenario Slide No.: 16 / Rolf Schulz / CEO / GNS GmbH / Intelligence? Slide No.: 17 / Rolf Schulz / CEO / GNS GmbH / Who s the enemy?? Know your enemy Who is your enemy? What are the attackers goals? How is his skill? What are his weapons? What is his motivation? How is his internal communication organized? What does he knows about you???? Slide No.: 18 / Rolf Schulz / CEO / GNS GmbH /

Some definition s Intelligence Provision of information about the enemy and his possibilities Battlefield Intelligence Provision of information about the enemy during a battle his resources, tactics etc. Map out your own strategy Works hand in hand with Intelligence (Well...) Slide No.: 19 / Rolf Schulz / CEO / GNS GmbH / The Reality... What do we know about an IT attack and the people behind it? And when do we have the information? Intelligence negative (rumors, black hat talking, so called insider information, etc.) Battlefield intelligence minimum, but you cannot expect more Defense strategy uncoordinated Efficiency nonexistent Slide No.: 20 / Rolf Schulz / CEO / GNS GmbH / Lessons Slide No.: 21 / Rolf Schulz / CEO / GNS GmbH /

Germany and the RAF The activities of the terrorist group RAF (Rote Armee Fraktion) were crucial for the German banks to take measures in protecting their infrastructure In the late 80 s, after the assassination of Alfred Herrhausen (Speaker of the Board, Deutsche Bank), a van filled with explosives, was found close to the IT Center of a German bank. The explosion would have destroyed the whole building. Slide No.: 22 / Rolf Schulz / CEO / GNS GmbH / Germany and the RAF Several attacks against Financial Institutions in Germany between 1970 and 1990 Bomb attacks Assassinations Kidnappings Extortions Bank robbery And the reaction? High availability for all critical systems and networks Contingency organization and exercises Rules and regulations from financial associations and the Ministry of Finance ( e.g. backup regulations, MaH Minimum requirements Trade) etc. Slide No.: 23 / Rolf Schulz / CEO / GNS GmbH / Typical Infrastructure today Minimum of two IT centers (primary and backup) Redundant glass fiber rings with separate routing (city net) Minimum of two separate house connections for data and power Two separate power links Minimum of two separate risers for the backbone inside a building, armored tubes for the cables Emergency workplace Backup Locations Continuity center Slide No.: 24 / Rolf Schulz / CEO / GNS GmbH /

Typical Infrastructure today Minimum of three access points for the national and international network Minimum of 3 Pop's from different carriers and on different locations Three redundant basis services like ATM, Gigabit Ethernet und Dark Fiber Emergency power generator system UPS for all systems in IT center Slide No.: 25 / Rolf Schulz / CEO / GNS GmbH / Examples Bank lost Branch in WFC on 9/11 No losses, only minor injuries Bank was back to business 24h later via backup location in Rye / New York (20 miles) Flood disaster in Prag All major carrier lost equipment Lot s of outages in the town over several days Business restarted 24h later via backup location Slide No.: 26 / Rolf Schulz / CEO / GNS GmbH / CIP Slide No.: 27 / Rolf Schulz / CEO / GNS GmbH /

Excerpt from : T H E N AT I O N A L S T R AT E G Y T O S E C U R E C Y B E R S PACE... In general, the private sector is best equipped and structured to respond to an evolving cyber threat...public-private engagement is a key component to secure cyberspace... A federal role in these and other cases is only justified when the benefits of intervention outweigh the associated costs. This standard is especially important in cases where there are viable private sector solutions for addressing any potential threat or vulnerability. Slide No.: 28 / Rolf Schulz / CEO / GNS GmbH / Government s Role International Coordination International cooperation, political preparation National Coordination Single Points of contacts (Cyber Squat, Alerting Service, National CERT for Support for non Cert Constituencies ) Attack assessment Classification of attacks Forensic / Analysis something like a National Forensic Center Research Activities Sponsoring of initiatives Support of Universities Slide No.: 29 / Rolf Schulz / CEO / GNS GmbH / Government s Role National Alarming Service Intelligence Information is a crucial factor. The government has the resources for such a cyberintelligence-service Research Support of Universities, Sponsoring (together with industry) Awareness Programs Exercises CERT Coordination contingency training Slide No.: 30 / Rolf Schulz / CEO / GNS GmbH /

The private industrie s role Technical (know how) and organizational support Private Industry has the know how, the experience, and the key technology Information Exchange Private industry could provide different kinds of information. A good starter can be statistical information on attacks from network IDS systems Awareness Training Research, Training and Education CERT Team Contact to national and international Certs Know How Pool Slide No.: 31 / Rolf Schulz / CEO / GNS GmbH / How can this work? Establish communication Make sure, to understand the different cultures between government and industry Involve not only the upper management, talk to the experts and convince them Show the benefit for all involved partners Make sure to have an open communi-cation - don t classify everything Slide No.: 32 / Rolf Schulz / CEO / GNS GmbH /

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information