Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges V1.5


ICS SCADA Cyber Security Solutions and Challenges

  • A look into some ICS/SCADA Cyber Attacks
    Stuxnet - June 2010
      Facts
        ◦ Seven Iranian organizations scoring 70% of infections compared to other countries.
        ◦ It exploited zero-day vulnerabilities in Microsoft platforms.
        ◦ It targeted Siemens SCADA software.
        ◦ It contained a Programmable Logic Unit rootkit that allowed it to spy on specific automated industrial procedures.
        ◦ In other words, it is a Cyber Espionage attack.
        ◦ Sources: Wikipedia, Symantec, TrendMicro
      Business Impact
        ◦ In countries whose Gross Domestic Product depends heavily on the petroleum business, the major impact is the restraint of national economic growth.
    Shamoon - August 2012
      ARAMCO and RasGas were hit by this Cyber Attack.
      Facts
        ◦ Massive outbreak affecting 30k computers.
        ◦ Loss of data on infected computers.
        ◦ Operation loss on infected computers.
        ◦ Data leakages.
        ◦ In other words, it is a Cyber Espionage and Destruction attack.
        ◦ Sources: Symantec, Wikipedia
      Business Impact
        ◦ The impact on Gross Domestic Product results mainly in the restraint of national economic growth, due to the fact that in Saudi Arabia “The petroleum sector accounts for roughly 80% of budget revenues, 45% of GDP, and 90% of export earnings.” (mundi index)
    ICS/SCADA Hacking
      Obviously, anyone who doesn’t like you or is competing with you and has nothing to stop him (Motivation, Means, Opportunity).
      Conventional or Typical Hacking
        ◦ A hacker somewhere in the world doing his best to hack your network.
        ◦ Most companies deploy pretty good protection on their internet gateway, so it is hard to gain access that way.
      Insider Threat
        ◦ A deliberate harmful act by a disgruntled employee.
        ◦ Simply a human mistake due to poor conduct.
      Advanced Persistent Threat aka Cyber Threat
        ◦ A very intelligent group somewhere in the world deploying the most sophisticated techniques, which you have probably never heard about (Zero Day), to spy on you and/or destroy you.
  • Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges V1.5

    1. Cyber Security Solutions & Challenges. Ahmed M. Al Enizy, IT Security Manager, International Systems Engineering
    2. 10/3/2012
    3. • ICS and SCADA systems are important for our petroleum business and for our national economic growth because they automate and monitor the production processes.
       • ICS and SCADA systems are no longer isolated from the corporate network and the internet.
       • Most ICS and SCADA protocols, designs, and implementations were created without security in mind.
       • This made them even more exposed to threats and vulnerabilities, and it made the challenges even tougher.
    5. • Concept Abstraction
       • Solution Concept Abstraction
       • The Right Solution For You
       • Cyber Security Services & Solutions Catalog
       • Suggested Roadmap
       • Challenges
    6. [Diagram: Someone Somewhere with Motivation, Means, and Opportunity Wants to Spy / Harm. Labels: Advanced Persistent Threat; Conventional Hacking; External Threat; Remote Access Threat; Internet; Contractors - Partners - Support; Unsecured & Unmanaged 3rd Party; Economic Growth; GDC; Production; Business; $; ICS / SCADA; Monitor; Control; Report; Operations; IT; StuxNet; Shamoon; Local; Internal Threat; Poor Governance – Design – Security]
    8. [Diagram: Someone Somewhere with Motivation, Means, and Opportunity Wants to Spy / Harm. Labels: Contractors - Partners - Support; Internet; Remote; 3rd Party; Economic Growth; Production; $; Business; ICS / SCADA; Monitor & Control; Report; Operations; IT; Local; Logical Security; Physical Security; Governance, Risk, and Compliance Assurance]
    9. • It is not a menu that you choose from or advice from a very reliable source; you have to do your homework in assessing your risks.
       • Solutions can be:
         ◦ Administrative, e.g. GRC, policy, and process.
         ◦ Technical
           ▪ Safeguards, which prevent the threat from happening, e.g. firewall.
           ▪ Countermeasures, e.g. antivirus, remediation and recovery procedures.
         ◦ Physical, i.e. gates, doors, barriers… etc.
       • The right solution for you should help mitigate identified risks and save you some money.
    10. [Services and solutions catalog. Category headings: Consultation; MSS; IT Security; Network Security. Items listed: Security Intelligence and reports; SOC; End Point Protection; Firewall / UTM; Business Continuity and Disaster Recovery; Penetration Testing; Access Control and Identity Management; IDS / IPS; Crisis Management; Threat Management; Encryption and Data Protection; Traffic Encryption; Security Programs; Forensics; Data Leakage Prevention; NAP/NAC; Awareness; Host and Application Security; Web and Email Security; Risk and Compliance; Fraud and Identity Protection; Vulnerability and Patch Management; Wireless Security; Security Assessment and Health Check; Traffic Monitoring]
    11. • Security Roadmap and Continuous Improvement Plan Development
        • Security Program and Policy Review and Amendment
        • Crisis Management, Business Continuity and Disaster Recovery Readiness Assessment
        • Security Controls Effectiveness Assessment
        • ICS/SCADA Risk Assessment
    12. • Remote sites …
          ◦ In the middle of the desert.
          ◦ Connectivity.
          ◦ Local support.
          ◦ Remote support.
          ◦ Log collection.
          ◦ Incident response and handling.
        • Security solutions not compatible with ICS/SCADA software and communication protocols.
        • Cyber Security standards for ICS/SCADA.
        • Centralized Cyber Security for monitoring, control, and response.
    13. • If you are directly or indirectly connected to the internet or to any 3rd party, or you allow data to be transferred or exchanged electronically, then you are facing Cyber Threats.
        • It is never too late to start fixing, because you are going to be targeted once again.
        • Cyber Security, the same as any complicated problem, can be conquered if simplified, abstracted, and divided into smaller logical groups.
        • There is no 100% security or guarantee, even if everybody is saying so.
        • Keep doing your best in assessing and discovering risks and fortifying your security.
        • Make sure that you are ready to survive the crisis and restore your business in a very short time.