Juan Figueras, CISA
#ICSSecurity Juan Figueras (@JoanFiguerasT) #EUROCACS
AGENDA
• Introduction to Industrial Control Systems
• Security Concerns (Cyber Incidents, CERT)
• Threats and Vulnerabilities (ICS Exploitation, SHODAN)
• IT/OT Convergence (Security Principles, Countermeasures)
• Best Practices, Guidelines and Frameworks
Juan Figueras, CISA
Security & Privacy Consultant
ICS INTRODUCTION
Industrial processes
• Manufacturing
• Smart Grid
• Utilities
• Oil & Gas
• Transport
• Telecomm
• Chemicals
ICS DEFINITION
Industrial Control Systems (ICS) are command and control networks and systems designed to support industrial processes [1]
[1] ENISA “Protecting Industrial Control Systems. Recommendations for Europe and Member States” (2011)
ICS COMPONENTS
• IED – Intelligent Electronic Device
• RTU – Remote Terminal Units
• PLC – Programmable Logic Controllers
• DCS – Distributed Control Systems
• HMI – Human-Machine Interfaces
• SCADA – Supervisory Control and Data Acquisition
[Figure: ICS components diagram with the labels SCADA, DCS, RTU, PLC, HMI, IED]
SECURITY CONCERNS
• Weak communication protocols
– Lack of authentication in most cases
– Lack of encryption
• Weak passwords
– Default passwords
– Insecure password management
• Poor QoS (Quality of Service)
– DoS “friendly”
• Internet connected web servers without protection
• Difficult or nonexistent patching
– “If it isn’t broke, don’t fix it”
– Extensive use of Windows XP
CYBER INCIDENTS
| Attack | Year | Description | Vector | Outcome | Motivation |
|---|---|---|---|---|---|
| German Steel Mill Cyber Attack | 2014 | Malware to gain access to the corporate network and then moved into the plant network | Spear phishing email | Physical damage | Unknown |
| DragonFly | 2014 | Campaign against energy companies compromising ICS equipment | SQL Injection & Remote Access Trojan | Sabotage | Espionage / Sabotage |
| Telvent Canada attack | 2012 | Access to SCADA Admin Tools | Malware | New project files stolen | Information theft |
| Stuxnet | 2010 | Rootkit to take control of ICS of nuclear power plants | Infected USB flash drive | Systems stop | Sabotage |
| Baku-Tbilisi-Ceyhan (BTC) pipeline attack | 2009 | Access to the pipeline’s control system to suppress alarms and manipulate the process | Physical access to network | Temporary disruption in pipeline transfers | Geopolitics (?) |
ICS-CERT MONITOR
245 incidents received by ICS-CERT in 2014 [2]
• Unauthorized access and exploitation of Internet-facing ICS/Supervisory Control and Data Acquisition (SCADA) devices
• Exploitation of zero-day vulnerabilities in control system devices and software
• Malware infections within air-gapped control system networks
• SQL injection via exploitation of web application vulnerabilities
• Network scanning and probing
• Lateral movement between network zones
• Targeted spear-phishing campaigns
[2] ICS-CERT Monitor, September 2014 - February 2015, NCCIC
ICS EXPLOITATION: SHODAN DEMO (I)
Gathering information
ICS EXPLOITATION
Project SHINE uncovered that over 1 million SCADA / ICS systems are connected to the internet with unique IPs, and this figure is growing by between 2000 and 8000 per day.
ICS EXPLOITATION: SHODAN DEMO (II)
Common ICS ports
port 102 Siemens S7
port 502 Modbus
port 789 Red Lion
port 20000 DNP3
port 34980 EtherCAT
port 34962 PROFINET
port 44818 EtherNet/IP
port 47808 BACnet/IP
ICS EXPLOITATION
Open Sourced Vulnerability Database (http://www.osvdb.org)
IT/OT CONVERGENCE
«The purpose of ENTERPRISE security is to protect the data
residing in the servers from attack.
The purpose of ICS security is to protect the ability of the facility to
safely and securely operate, regardless of what may befall the rest
of the network» [3]
[3] Weiss, Joe; “Assuring Industrial Control Systems (ICS) Cyber Security”
SECURITY PRINCIPLES (IT vs. OT)
[Figure: confidentiality, integrity and availability, in that order, against an importance scale that runs from + to - for IT systems (business) and from - to + for OT systems (ICS)]
ISA95: ENTERPRISE – CONTROL SYSTEM INTEGRATION
[Figure: ISA95 levels 0 to 4 with their systems and networks. Labels: Level 0; Level 1 I/O, Devices and Sensors; Production Process; Level 2 HMI, SCADA; Level 3 MES, Batch, Historian; Level 4 ERP, CRM, BI; PLCs, DCS. Functions: Business Planning & Logistics; Manufacturing Operations; Manufacturing Control and Monitoring. Networks: Device Networks; Automation Networks; Operations Networks; Business Networks.]
COUNTERMEASURES [4]
1. Assess existing systems: Understand risk and prioritize vulnerabilities
2. Document policies and procedures: Determine position regarding ICS and develop company-specific policies
3. Train personnel and contractors: Develop and institute policy awareness and training programs
4. Segment the control system network: Create distinct network segments and isolate critical parts of the system using a “zone and conduit” model
5. Control access to the system: Provide physical and logical access controls to both your zones and equipment
6. Harden the components of the system: Lock down the functionality of components
7. Monitor and maintain the system: Update antivirus signatures, install patches, and monitor the system for suspicious activity
[4] Byres, Eric; “The Industrial Cybersecurity Problem” – ISA White Paper
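The segmentation and monitoring countermeasures (items 4 and 7) can be checked against traffic records. The sketch below is an added example, not part of the original slides: it takes the port table from the "Common ICS ports" slide and flags ICS-protocol flows that cross zones outside an approved conduit. The subnets, zone names, conduit policy and flow records are constructed assumptions.

```python
import csv
import io
import ipaddress

# Port-to-protocol table as listed on the "Common ICS ports" slide.
ICS_PORTS = {
    102: "Siemens S7", 502: "Modbus", 789: "Red Lion", 20000: "DNP3",
    34980: "EtherCAT", 34962: "PROFINET", 44818: "EtherNet/IP",
    47808: "BACnet/IP",
}

# Assumed address plan (constructed): one subnet per ISA95 network tier.
ZONES = {
    "business": ipaddress.ip_network("10.40.0.0/16"),
    "operations": ipaddress.ip_network("10.30.0.0/16"),
    "automation": ipaddress.ip_network("10.20.0.0/16"),
    "device": ipaddress.ip_network("10.10.0.0/16"),
}

# Assumed conduit policy: (source zone, destination zone, destination port).
ALLOWED_CONDUITS = {
    ("automation", "device", 502),
    ("automation", "device", 102),
    ("operations", "automation", 44818),
}

# Constructed flow records (src, dst, destination port, transport).
SAMPLE_FLOWS = """\
src,dst,dport,proto
10.20.1.5,10.10.2.7,502,tcp
10.40.3.9,10.10.2.7,502,tcp
203.0.113.50,10.20.1.5,102,tcp
10.30.4.4,10.20.1.5,44818,tcp
10.40.3.9,10.30.4.4,443,tcp
10.10.2.7,10.10.2.8,20000,tcp
10.30.4.4,10.10.2.9,47808,udp
not-an-ip,10.10.2.7,502,tcp
"""


def zone_of(addr):
    """Return the zone name for an address, or 'external' if unmapped."""
    ip = ipaddress.ip_address(addr)  # raises ValueError on bad input
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "external"


def audit_flows(flow_csv):
    """Return (findings, skipped) for ICS-port flows that violate policy.

    A finding is a flow to a known ICS port that crosses a zone boundary
    without a matching entry in ALLOWED_CONDUITS. Rows that cannot be
    parsed are counted in 'skipped' so they are not silently ignored.
    """
    findings, skipped = [], 0
    for row in csv.DictReader(io.StringIO(flow_csv)):
        try:
            port = int(row["dport"])
            if port not in ICS_PORTS:
                continue  # not an ICS protocol port from the slide
            src_zone, dst_zone = zone_of(row["src"]), zone_of(row["dst"])
        except (ValueError, TypeError, KeyError):
            skipped += 1
            continue
        if src_zone == dst_zone:
            continue  # traffic stays inside one zone
        if (src_zone, dst_zone, port) in ALLOWED_CONDUITS:
            continue  # approved conduit
        # Anything touching an unmapped (Internet) address ranks highest.
        severity = "critical" if "external" in (src_zone, dst_zone) else "high"
        findings.append({
            "src": row["src"], "dst": row["dst"], "port": port,
            "protocol": ICS_PORTS[port], "src_zone": src_zone,
            "dst_zone": dst_zone, "severity": severity,
        })
    return findings, skipped


if __name__ == "__main__":
    results, bad_rows = audit_flows(SAMPLE_FLOWS)
    for f in results:
        print(f"[{f['severity']}] {f['protocol']} ({f['port']}): "
              f"{f['src']} ({f['src_zone']}) -> {f['dst']} ({f['dst_zone']})")
    print(f"unparsed rows: {bad_rows}")
```
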
BEST PRACTICES & GUIDELINES
• ISA99/IEC 62443
Security for Industrial Automation and Control Systems
• NIST SP 800-82
Guide to Industrial Control Systems (ICS) Security
• ENISA Report (2011)
Protecting Industrial Control Systems. Recommendations
for Europe and Member States
• IIC Technical Paper (2015)
Industrial Internet Reference Architecture
FRAMEWORK: COBIT 5
Implementing NIST Cybersecurity
Framework Using COBIT 5
ICS SECURITY FRAMEWORK
Standards Leveraged for IACS Cybersecurity Framework Example [5]
[5] Alcoforado, Ivan; “Leveraging Industrial Standards to Address Industrial Cybersecurity Risk”; ISACA Journal, Volume 4, 2016
THANK YOU!
Juan Figueras, CISA
Security & Privacy Consultant
@JoanFiguerasT

 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontologyjohnbeverley2021
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 

Recently uploaded (20)

presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 

Cybersecurity in Industrial Control Systems (ICS)

  • 2. #ICSSecurity Juan Figueras (@JoanFiguerasT) #EUROCACS AGENDA
      • Introduction to Industrial Control Systems
      • Security Concerns (Cyber Incidents, CERT)
      • Threats and Vulnerabilities (ICS Exploitation, SHODAN)
      • IT/OT Convergence (Security Principles, Countermeasures)
      • Best Practices, Guidelines and Frameworks
      Juan Figueras, CISA, Security & Privacy Consultant
  • 3. ICS INTRODUCTION
      Industrial processes
      • Manufacturing
      • Smart Grid
      • Utilities
      • Oil & Gas
      • Transport
      • Telecomm
      • Chemicals
  • 4. ICS DEFINITION
      Industrial Control Systems (ICS) are command and control networks and systems designed to support industrial processes [1]
      [1] ENISA “Protecting Industrial Control Systems. Recommendations for Europe and Member States” (2011)
  • 5. ICS COMPONENTS
      • IED – Intelligent Electronic Device
      • RTU – Remote Terminal Units
      • PLC – Programmable Logic Controllers
      • DCS – Distributed Control Systems
      • HMI – Human-Machine Interfaces
      • SCADA – Supervisory Control and Data Acquisition
  • 6. ICS COMPONENTS (diagram labels: SCADA, DCS, RTU, PLC, HMI, IED)
  • 7. SECURITY CONCERNS
      • Weak communication protocols
          – Lack of authentication in most cases
          – Lack of encryption
      • Weak passwords
          – Default passwords
          – Insecure password management
      • Poor QoS (Quality of Service)
          – DoS “friendly”
      • Internet connected web servers without protection
      • Difficult or nonexistent patching
          – “If it isn’t broke, don’t fix it”
          – Extensive use of Windows XP
  • 8. CYBER INCIDENTS

      | Attack | Year | Description | Vector | Outcome | Motivation |
      |---|---|---|---|---|---|
      | German Steel Mill Cyber Attack | 2014 | Malware to gain access to the corporate network and then moved into the plant network | Spear Phishing email | Physical damage | Unknown |
      | DragonFly | 2014 | Campaign against energy companies compromising ICS equipment | SQL Injection & Remote Access Trojan | Sabotage | Espionage / Sabotage |
      | Telvent Canada attack | 2012 | Access to SCADA Admin Tools | Malware | New project files stolen | Information theft |
      | Stuxnet | 2010 | Rootkit to take control of ICS of nuclear power plants | Infected USB flash drive | Systems stop | Sabotage |
      | Baku – Tbilisi – Ceyhan (BTC) pipeline attack | 2009 | Access to the pipeline’s control system to suppress alarms and manipulate the process | Physical access to network | Temporary disruption in pipeline transfers | Geopolitics (?) |

  • 9. ICS-CERT MONITOR
      245 incidents received by ICS-CERT in 2014 [2]
      [2] ICS-CERT Monitor, September 2014 - February 2015, NCCIC
  • 10. ICS-CERT MONITOR
      245 incidents received by ICS-CERT in 2014
      • Unauthorized access and exploitation of Internet-facing ICS/Supervisory Control and Data Acquisition (SCADA) devices
      • Exploitation of zero-day vulnerabilities in control system devices and software
      • Malware infections within air-gapped control system networks
      • SQL injection via exploitation of web application vulnerabilities
      • Network scanning and probing
      • Lateral movement between network zones
      • Targeted spear-phishing campaigns
  • 11. ICS-CERT MONITOR
  • 12. ICS EXPLOITATION: SHODAN DEMO (I)
      Gathering information
  • 13. ICS EXPLOITATION
      Project SHINE uncovered that over 1 million SCADA / ICS systems are connected to the Internet with unique IPs, and this figure is growing by between 2000 and 8000 per day.
  • 14. ICS EXPLOITATION: SHODAN DEMO (II)
      Common ICS ports
      • port 102 Siemens S7
      • port 502 Modbus
      • port 789 Red Lion
      • port 20000 DNP3
      • port 34980 EtherCAT
      • port 34962 PROFINET
      • port 44818 EtherNet/IP
      • port 47808 BACnet/IP
  • 15. ICS EXPLOITATION
      Open Sourced Vulnerability Database (http://www.osvdb.org)
  • 16. IT/OT CONVERGENCE
      «The purpose of ENTERPRISE security is to protect the data residing in the servers from attack. The purpose of ICS security is to protect the ability of the facility to safely and securely operate, regardless of what may befall the rest of the network» [3]
      [3] Weiss, Joe; “Assuring Industrial Control Systems (ICS) Cyber Security”
  • 17. SECURITY PRINCIPLES (IT vs. OT)
      Diagram over the axis CONFIDENTIALITY, INTEGRITY, AVAILABILITY:
      • IT Systems (Business): + importance -
      • OT Systems (ICS): - importance +
  • 18. ISA95: ENTERPRISE – CONTROL SYSTEM INTEGRATION
  • 19. ISA95: ENTERPRISE – CONTROL SYSTEM INTEGRATION
      Diagram labels:
      • Levels: Level 0; Level 1 (I/O, Devices and Sensors); Level 2 (HMI, SCADA); Level 3 (MES, Batch, Historian); Level 4 (ERP, CRM, BI)
      • Also shown: PLCs, DCS
      • Functions: Production Process; Manufacturing Control and Monitoring; Manufacturing Operations; Business Planning & Logistics
      • Networks: Device Networks; Automation Networks; Operations Networks; Business Networks
  • 20. COUNTERMEASURES [4]
      1. Assess existing systems: Understand risk and prioritize vulnerabilities
      2. Document policies and procedures: Determine position regarding ICS and develop company-specific policies
      3. Train personnel and contractors: Develop and institute policy awareness and training programs
      4. Segment the control system network: Create distinct network segments and isolate critical parts of the system using a “zone and conduit” model
      5. Control access to the system: Provide physical and logistical access controls to both your zones and equipment
      6. Harden the components of the system: Lock down the functionality of components
      7. Monitor and maintain the system: Update antivirus signatures, install patches, and monitor the system for suspicious activity
      [4] Byres, Eric; “The Industrial Cybersecurity Problem” – ISA White Paper
  • 21. BEST PRACTICES & GUIDELINES
      • ISA99/IEC 62443: Security for Industrial Automation and Control Systems
      • NIST SP 800-82: Guide to Industrial Control Systems (ICS) Security
      • ENISA Report (2011): Protecting Industrial Control Systems. Recommendations for Europe and Member States
      • IIC Technical Paper (2015): Industrial Internet Reference Architecture
  • 22. FRAMEWORK: COBIT 5
      Implementing NIST Cybersecurity Framework Using COBIT 5
  • 23. ICS SECURITY FRAMEWORK
      Standards Leveraged for IACS Cybersecurity Framework Example [5]
      [5] Alcoforado, Ivan; “Leveraging Industrial Standards to Address Industrial Cybersecurity Risk”; ISACA Journal, Volume 4, 2016
  • 24. THANK YOU!
      Juan Figueras, CISA, Security & Privacy Consultant, @JoanFiguerasT
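
The port list on slide 14, the ISA95 levels on slide 19 and the “zone and conduit” countermeasure on slide 20 combine into a simple segmentation audit over flow records. The Python below is an added example, not part of the original deck; the subnets, the flow records and the policy that ICS protocols may only cross between the same or adjacent levels are assumptions constructed for illustration.

```python
import ipaddress

# Common ICS ports as listed on the slide (port -> protocol).
ICS_PORTS = {102: "Siemens S7", 502: "Modbus", 789: "Red Lion", 20000: "DNP3",
             34980: "EtherCAT", 34962: "PROFINET", 44818: "EtherNet/IP",
             47808: "BACnet/IP"}

# Constructed subnets (assumption); the numbers are the ISA95 levels 1 to 4.
ZONES = {ipaddress.ip_network(net): lvl for net, lvl in [
    ("10.4.0.0/16", 4),  # business networks
    ("10.3.0.0/16", 3),  # operations networks
    ("10.2.0.0/16", 2),
    ("10.1.0.0/16", 1),
]}


def level_of(ip):
    """Return the ISA95 level of an address, or None if it is in no zone."""
    addr = ipaddress.ip_address(ip)
    return next((lvl for net, lvl in ZONES.items() if addr in net), None)


def audit(flows):
    """Flag ICS-protocol flows that bypass the assumed adjacent-level conduits."""
    findings = []
    for src, dst, port in flows:
        proto, dst_lvl = ICS_PORTS.get(port), level_of(dst)
        if proto is None or dst_lvl is None:
            continue  # not an ICS protocol port, or destination is not zoned
        src_lvl = level_of(src)
        if src_lvl is None:
            reason = "source outside all zones"
        elif abs(src_lvl - dst_lvl) > 1:
            reason = f"level {src_lvl} -> level {dst_lvl} skips a zone"
        else:
            continue  # same or adjacent level: inside an assumed conduit
        findings.append((src, dst, proto, reason))
    return findings


# Constructed flow records: (source IP, destination IP, destination port).
SAMPLE_FLOWS = [
    ("10.2.0.15", "10.1.0.20", 502),     # adjacent levels: allowed
    ("10.4.7.9", "10.1.0.20", 502),      # level 4 straight to level 1
    ("203.0.113.50", "10.2.0.15", 102),  # unzoned source reaching an S7 port
    ("10.4.7.9", "10.3.0.5", 443),       # not an ICS port: ignored
    ("10.3.0.5", "10.2.0.15", 44818),    # adjacent levels: allowed
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_FLOWS):
        print(finding)
```

Fed with real firewall or NetFlow exports, the same check gives a quick list of conduits to review under countermeasures 4 and 7.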