Is Your Data Center Ready for STUXNET?
Recently, a computer worm known as STUXNET was able to infiltrate an Iranian nuclear power facility and damage a number of uranium purification centrifuges. This is the first known malware with the ability to cause physical damage to electrical or mechanical devices.

Published in: Technology
  • In January 2011 the NSA broke ground on a $1.6B Utah cybersecurity data center
  • In data centers one of the ways in which we address the requirement for high availability and uptime is redundancy.
  • We started to hear warnings from IEEE, DOEnergy, and controls professional organizations that these changes had opened a door.
  • INEL: Required a hacker actively involved in the process
  • First malware to cross the boundary between the cyber and the real
  • Jan 2011 ground breaks on DHS cyber security data center in Utah estimated $1.6B project
  • The 2010 HBGary story
  • Transcript

    • 1. Is Your Data Center Ready for STUXNET?
      Eric Gallant
      Industry Author & Consultant
      Lee Technologies
    • 2. Objectives:
      Get you thinking differently about what cyber weapons are capable of.
      Get you thinking differently about the vulnerability of data center infrastructure.
      Provide some first steps you can use to help protect your facility
    • 3. Agenda:
      Discuss the tools and economic impact of cyber attacks.
      Show how critical electrical and mechanical infrastructure became vulnerable.
      Discuss who would want to attack a data center and why.
      Discuss solutions and recommendations.
    • 4. Weapons of Cyber attackers
      Malware
      Viruses, Worms, Trojan Horses, Spyware, Adware, Tracking programs, Bots
      Hackers
      Identity Theft, Spear-phishing, Data Theft, Denial of Service Attacks (DoS, DDoS), Espionage, Sabotage
      These weapons are constantly evolving, endlessly creative and increasingly potent.
    • 5. Proliferation & Cost of Cyber Attacks
      According to Symantec in 2008 “The rate of malware creation exceeds the rate of legitimate software”
      In a 2009 speech President Obama said, “It's been estimated that last year alone cyber criminals stole intellectual property from businesses worldwide worth up to $1 trillion.”
      Between 1995 and 2000 cost of cyber attacks to worldwide business rose from $500M to $17B
    • 6. Physical Infrastructure Vulnerability
      For data centers, defending against cyber attacks is a nightmare for IT but not usually an issue for FACILITIES.
      That dynamic is rapidly changing.
      Electrical and mechanical infrastructure has become vulnerable to catastrophic physical damage from hackers and malware.
    • Attack Vector: SCADA Systems
      Monitoring and Control Systems AKA: Supervisory Control and Data Acquisition (SCADA) Systems
      Used extensively for automated functions in:
      Complex Switchgear
      Generator Systems
      Mechanical Systems
      Technology advances are making these control systems increasingly like IT systems and susceptible to the same cyber attacks.
    • 7. SCADA Technology Shifts
      Dedicated mainframes replaced by off the shelf PCs and Servers
      Operate in vulnerable Windows and Unix environments
      Standardized, non-authenticated communication protocols
      Sharing corporate network resources
    • 8. Probing National Critical Infrastructure
      4/09 WSJ Reports Chinese, Russians have attempted to map electrical grid
      No hostile intent?
      No ability to cause physical damage?
    • 9. Aurora Generator Test
      Spring 2008
      DoEnergy/DOHS
      Demonstrated capability of an Internet attack to damage infrastructure
      20 seconds to complete failure
    • Stuxnet
      STUXNET SCADA Worm
      Discovered mid 2010
      First PLC rootkit
      Infiltrated SCADA systems at highly secure nuclear facility
      Infiltrated control systems that were not connected to the Internet
      Altered PLC code and concealed the changes from human operators
      Caused speed changes in uranium purification centrifuges
      Destroyed some centrifuges
      Reportedly rendered batches of purified uranium unusable
    • 13. Federal Response to Threat
      US President Barack Obama stated, "It is now clear this cyber threat is one [of] the most serious economic and national security challenges we face as a nation."
      Stuxnet called a “game-changer” by DHS
      Comprehensive National Cybersecurity Initiative (CNCI)
      U.S. Federal Cybersecurity market valued at $55 billion (2010 – 2015); the market will grow steadily, at about 6.2% CAGR over the next six years.
      Securing physical infrastructure vital to national interests is one of the fastest growing segments in the federal Cybersecurity market
    • 14. Who Would Attack a Data Center?
      Nation-states engaged in Cyberwar
      Corporations
      Criminal Organizations
      Targets of Opportunity
      Hacktivists
      Environmentalists
      “Tyler Durden”
      4chan / Anonymous – HBGary
      Terrorists
      Asymmetric warfare
    • 15. News Since STUXNET
      SKY News reported that the STUXNET source code had been sold on the black market
      Anonymous reported that they are in possession of the STUXNET code
      Richard Clarke, terrorism expert under four presidents, stated that “cyber warfare has caused generators and pipelines to explode, trains to crash and financial systems to become confused.”
      Ralph Langner “The next cyber weapon will be considerably cheaper, since much of the attack vector and the specifics of how to use automation equipment will simply be copied. Sabotage with the motivation of extortion will get a commonplace scenario. At this time targets are no longer limited to critical infrastructure but will especially cover the private sector—a TARGET-RICH AREA where it cannot be assumed that organizations will install countermeasures, large scale in a reasonable amount of time.”
    • 16. Solutions?
      Better manufacturer SUPPORT
      Better control system DESIGN
      Better operational BEST PRACTICES
      Better vendor management
      Proactive malware and antivirus protection
    • 17. Recommendations:
      Be aware of the threat
      Close the gap between IT and facilities
      Discuss and implement AV protection with equipment manufacturers and service providers
      Don’t share network infrastructure
      Understand your network map
      Extend physical security to include equipment yards
      Penetration testing/red team testing
    • 18. SITREP Summary
      Cyber war is raging
      A cyber super-weapon has been deployed
      Weapons are now capable of crossing the boundary separating data from the real world
      The weapon technology is proliferating
      Everyone is a potential target
    • 19. Questions?
      Contact:
      egallant@leetechnologies.com
      404-418-1409
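
As an added example (not part of the original presentation), the Python below applies the recommendations "Don't share network infrastructure" and "Understand your network map" to the SCADA weaknesses listed earlier (non-authenticated protocols, shared corporate network resources): it audits flow records against a zone plan and flags traffic that crosses into or out of the controls network. The subnets, zone names and sample flows are constructed assumptions; the port numbers are the well-known assignments for the named control protocols.

```python
import ipaddress

# Assumed zone plan (constructed for this example, not from the presentation).
ZONES = {
    "corporate": ipaddress.ip_network("10.10.0.0/16"),
    "controls": ipaddress.ip_network("10.50.0.0/24"),  # switchgear, generator, mechanical controllers
    "dmz": ipaddress.ip_network("10.60.0.0/28"),       # historian / jump host, the only allowed conduit
}
# Well-known ports of control protocols that, in their classic form, carry no authentication.
ICS_PORTS = {102: "S7comm (ISO-TSAP)", 502: "Modbus/TCP", 20000: "DNP3",
             44818: "EtherNet/IP", 47808: "BACnet/IP"}

# Constructed flow records: source IP, destination IP, destination port.
SAMPLE_FLOWS = """
10.10.4.21,10.50.0.12,502
10.60.0.5,10.50.0.12,502
10.50.0.30,10.10.9.9,445
203.0.113.7,10.50.0.40,47808
10.10.4.21,10.10.9.9,443
10.50.0.12,10.50.0.13,502
"""

def zone_of(ip):
    """Map an address to its zone name, or 'external' if it is in no known subnet."""
    addr = ipaddress.ip_address(ip)
    return next((name for name, net in ZONES.items() if addr in net), "external")

def audit(flows):
    """Return (severity, src, dst, port, reason) for flows that breach the controls boundary."""
    findings = []
    for line in flows.strip().splitlines():
        src, dst, port = (field.strip() for field in line.split(","))
        src_zone, dst_zone = zone_of(src), zone_of(dst)
        if "controls" not in (src_zone, dst_zone) or src_zone == dst_zone:
            continue  # flow never touches, or never leaves, the controls network
        other = dst_zone if src_zone == "controls" else src_zone
        if other == "dmz":
            continue  # permitted conduit between IT and facilities
        proto = ICS_PORTS.get(int(port))
        if other == "external":
            sev, why = "critical", "controls network exchanges traffic with an outside address"
        elif proto and dst_zone == "controls":
            sev, why = "high", f"{proto} reachable from {other} network"
        else:
            sev, why = "medium", f"controls network shares {other} network resources"
        findings.append((sev, src, dst, int(port), why))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_FLOWS):
        print(*finding, sep=" | ")
```

Feeding it real flow exports (firewall logs, NetFlow) and the facility's actual subnet plan gives IT and facilities a shared list of boundary crossings to review.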
