Preventing Cyber Security Attacks Against the Water Industry

Presented by Michael Karl, October 2012

Acknowledgements
- Infracritical SCADA Security Newsgroup
- CH2M HILL, Automation Cyber-Security Practice Team
- All the folks at McAfee (thanks for your help and support)
- The Department of Homeland Security CSSP
- Invensys/Wonderware Critical Infrastructure & Security Practice Team

Our World is Changing

The Threat is Real!
- Overview of the DHS program
- Why control systems are vulnerable to attack
- Case study
- New Industry Trend

What is needed to perform a hack?
Attacker (Threat Agent): Hacker, Virus, Malware, Insider, Vendor, Activist group, Organized crime
Communications channel: Dial-up telephone, Cellular communications, Leased communication, Satellite, Internet, LAN/WAN, Wireless/WiFi, Removable media, Laptops
Weakness (vulnerability): Poor policy, Insufficient firewall, Windows updates, Application patches, Poorly configured network, Poorly configured application, Default passwords
Targeted device: HMI work station, Application server, Historian server, PCs, Radio equipment, PLC, RTU

We can improve Security and Reliability!
- With proper tools your systems can be secure
- Reduce our exposure against the most likely and probable threats
- Security improvements will reduce operational risk
- Balance risk reduction with the cost of security measures
[Figure labels: Security, Risk]

Media Coverage
- Pump destroyed at water plant, Springfield, IL
  o Believed to be due to cyberattack (not confirmed by DHS).
  o Story covered by news media such as the Washington Post, Fox News, CNN, and MSNBC
  o Even though unconfirmed, the utility was in the national spotlight for weeks
- Texas SCADA system hacked and screenshots of HMI released
  o Response to DHS downplay of IL incident
  o Again carried by major news media
  o Used a virtual network connection with the internet with simple password to access network

Questions and Comments from the Industry

Myths
- "I'm secure, I'm not connected to the Internet." (Public Works Director)
- "I'm secure, I have three passwords before I can connect" (Operations Manager)
- "Using Passwords takes too long and I can't respond to emergencies"
- "Wastewater systems aren't in jeopardy" (Lead Maintenance Mgr.)

Questions from Management
- What is the real risk to us?
- What is the golden solution?
- What needs to be protected?
- What do I need to do?

"Cyber security is like an arms race; there is no silver bullet" (Michael Assante, Chief Security Officer, NERC)

Case Study - Typical SCADA Assessment
- SCADA System Supported by Local Integrator
- Part of the system is new, others > 25 years old
- Software/Hardware was typical common equipment from the NW
- Public Works Director stated the following:
  o "I want to perform due-diligence and have our system evaluated by a third party"
  o "I know our system isn't connected to the internet"
  o "I am not using Windows 7 yet so I'm a bit nervous"
  o "I also realize that a security assessment provides information that assists in knowing where our single points of failure are."

More details
- SCADA covered a master site and remote facilities
- SCADA system had historian, HMI nodes and alarm notification software
- Local Ethernet network
- Local PLCs for control
- Radio network for telemetry communications
- Remote PLCs

Phased SCADA Evaluation
- Phase 1
  o Review SCADA communication network
  o Evaluate the security of remote access
- Phase 2
  o Implement recommendations found in Phase 1
  o Perform training for utility staff
  o Develop policy and procedures for maintaining software and network
- Phase 3
  o Implement the NIST SP 800-82 guide for SCADA security

Approach to Phase 1
- Request for documentation
- Debriefs
  o Management
  o Systems Integrator
  o Operations staff
  o IT staff
- Perform on-site forensics (physical and cyber) on SCADA assets

Findings of preliminary assessment
- SCADA directly connected to internet
- IT group didn't understand the importance of SCADA
- Known vulnerabilities with
  o PLC Programming Software
  o HMI Software
  o Remote Access Software
- Radio network open to the world
- Surprises - No redundancy and not one backup

How do I meet Due Diligence?
- Perform an evaluation
- Implement tools
- Implement policies
- Don't forget physical security
- Perform regular evaluations

Great Job - The New Industry Trend
- Being a Healthy Skeptic
- Understanding Cyber Security isn't just protecting against Hackers
- Thank you for your willingness to change!
- Implementing multi-factor security
- Having firm provide
- Perform a Table Top Exercise as you would with redundancy

Open Discussion Forum

Thank You! Questions?
Contact Information
Michael.Karl@ch2m.com
425.749.2020