The State of Industrial Control Systems Security and National Critical Infrastructure Protection




The State of Industrial Control Systems Security and National Critical Infrastructure Protection
Emerging Threats
Tinuade Adesina, Lulea University of Technology, Sweden
IT Security for the Next Generation, European Cup, Prague, 17-19 February, 2012

Agenda
- National Critical Infrastructure Protection (CIIP)
- Industrial Control Systems (ICS)
- Challenges and Vulnerabilities of ICS
- The Evolution of cyber attack goals
- The Evolution of Cyber attack methods
- National CIIP in the European Union
- Questions

Brazilian Blackout Traced to Sooty Insulators, Not Hackers
http://www.wired.com/threatlevel/2009/11/brazil_blackout/

Critical Infrastructure
Critical Information Infrastructure as a Pillar of other CIs
- Transport
- Safety - Emergency Services
- Government
- Water
- Chemicals
- Food - Agriculture
- Defense Industrial base
- Healthcare
- Legal/Judicial
- Finance
- Research facilities
- Energy
- Information and Communications Technology
- Commercial Facilities

Characteristics of Industrial Control Systems
Challenges faced in ICS Security
- ICS components are distributed across distances via a communication network or media
- Deployed in unique environments
- Safety comes first
- CIA = AIC
- Industry standard is SRA = Safety Reliability Availability
- Remote access is commonly used to control components
- Human Operator input via HMI, software and hardware input on interrelated devices
- Interacting protocol stacks between endpoint devices

Characteristics of Industrial Control Systems
Common Vulnerabilities
- Weak network perimeters
- Vulnerability patching effort vs vulnerability disclosure is controversial (Siemens Simatic WinCC)
- Exposure to traditional IT domain vulnerabilities:
  - Man In The Middle attacks
  - Buffer Overflows
  - Vulnerable off the shelf code
- Improper cyber security practices:
  - Password management
  - Executive security ownership
  - Operator security training
  - Enforcement of compliance standards

The Evolution of ICS Cyber Attack Goals
[Figure: bar charts of common attack vectors (Symantec, 2010) vs reported incidents (Turk, 2005), horizontal axis 0% to 45%. Categories shown: Hacktivism; Steal electronic information; Shut down or degrade computer networks; Alter or destroy electronic information on network; Manipulate physical equipment through control network; Unknown; Information or Electronic warfare; Financial gain; Audit or pen-test; Software error; Personal Curiosity (malicious or otherwise); User or administrator error; Infect Malware]

The Evolution of Cyber Attack Methods
Sophisticated Malware and Network Discovery
- Stuxnet
  - est. compile date: June 2009
  - Identified: June 2010
  - Kill date: 24th June 2012
- Duqu
  - est. compile date: 3rd November 2010
  - Identified: 1st September 2011
  - Active lifetime: 36 days
- SHODAN: Expose Online Devices http://www.shodanhq.com/
- ERIPP: Every Routable IP Project http://eripp.com/

Government as the chief stakeholder
ICS Security within CIIP planning, The EU and the USA
USA
- DHS Office of Cybersecurity & Communications
- National Protection and Programs Directorate
- US-CERT
- Control Systems Security Program (CSSP)
European Union
- ENISA - Resilience Strategy
- National governments - sovereign structures
The Networked Readiness Index (OECD)

National Critical Infrastructure Protection Plans
Conclusion
Measuring National CIP Activity
- Law mapping Critical Infrastructure environment
- Outlined National CIIP plan
- Active Regulatory Policies
- Documentation of efforts and guidelines
- Active CIIP projects
- Stakeholder engagement
- Information sharing and awareness programs
[Diagram labels: Government, Regulatory Body, Vendor, Operator]

What is your awareness of the critical infrastructure plans being discussed within your country?
Symantec 2010 Critical Infrastructure Protection Global Study
- I am completely aware of the plans: 33%
- I am somewhat familiar with the plans: 22%
- I have heard of them, but I am not very familiar: 20%
- It sounds vaguely familiar, but I cannot place it: 9%
- I am completely unaware of these plans: 16%

Conclusion
What should we be doing? A Hierarchy of Obligations
Government
- Creation of national frameworks for CIIP and therein ICS
- Enabling cross border cooperation, national awareness programmes
Regulatory bodies
- Information sharing - coordination among stakeholders
- Instituting compliance standards and guidelines on CII
Vendors
- Enhanced built in security tools and design for ICS
- Cooperation with infrastructure providers on industry standards
Infrastructure providers - system operators
- Security strategy review: risk awareness, vulnerability assessments, compliance management
- Endpoint defense in depth strategy

Thank You
Tinuade Adesina, Lulea University of Technology, Sweden
IT Security for the Next Generation, European Cup, Prague, 17-19 February, 2012