John Kendall Unisys: Potential impact of cyber attacks on critical infrastructure


John Kendall, Security Program Director, Unisys Asia Pacific delivered this presentation at the 2013 Corporate Cyber Security Summit. The event examined cyber threats to Australia’s private sector and focussed on solutions and counter cyber-attacks. For more information about the event, please visit the conference website http://www.informa.com.au/cybersecurityconference


  1. Potential Impact of Cyber Attacks on Critical Infrastructure
     John S Kendall, Director of Public Sector and Security Programs, Unisys Asia-Pacific
  2. Outline: Cyber Attacks on Critical Infrastructure
     • What's all the fuss about?
     • What are the real threats?
     • Who is responsible for taking what actions?
     © 2012 Unisys Corporation. All rights reserved.
  3. What is “critical infrastructure”?
     The Australian, State and Territory governments define critical infrastructure as:
     “Those physical facilities, supply chains, information technologies and communication networks which, if destroyed, degraded or rendered unavailable for an extended period, would significantly impact on the social or economic wellbeing of the nation or affect Australia’s ability to conduct national defence and ensure national security.”
     Source: Australian Government Critical Infrastructure Resilience Strategy
  4. What is “critical infrastructure” for business?
     • Physical facilities
     • IT facilities
     • Networks
     • Services
     • Assets
     For which extended disruption or destruction would seriously impact or jeopardise:
     • Health
     • Safety
     • Security
     • Economic well-being
     • Effective functioning
     of the business, employees, channel partners or customers
  5. What is “critical infrastructure”?
     • Physical Infrastructure
       – Power production/distribution
       – Refineries and critical manufacturing
       – Water supplies
       – Transportation systems
       – Communication networks
     • Physical Threats
       – Armed attacks
       – Bombs
       – Sabotage
     • Cyber Infrastructure
       – Internet
       – Critical information systems
       – Online business/financial services
     • Cyber Threats
       – Malware
       – Denial of Service
       – Data Breach
  6. What is “critical infrastructure”?
     • Physical Infrastructure
       – Power production/distribution
       – Refineries and critical manufacturing
       – Water supplies
       – Transportation systems
       – Communication networks
     • Cyber-Physical Infrastructure
       – Power production / distribution
       – Refineries and critical manufacturing
       – Water supplies
       – Transportation systems
       – Communication networks
       – Cars
       – Airplanes
       – Medical devices / systems
     • Cyber Infrastructure
       – Internet
       – Critical information systems
       – Online business/financial services
     • Physical Threats
       – Armed attacks
       – Bombs
       – Sabotage
     • Cyber Threats
       – Malware
       – Denial of Service
       – Data Breach
  7. Impact of Critical Infrastructure Outages
     • Public Concerns: infrastructure for which a 2-day outage would have a major impact
       – Electricity supply in your city/region: 84%
       – Water supply in your city/region: 80%
       – Banking systems such as ATM & EFTPOS: 60%
       – Mobile phone network: 46%
       – Internet: 46%
       – Public transport network: 27%
       – Major thoroughfare such as Sydney Harbour Bridge: 20%
       – Capital city airport: 17%
     Source: Unisys Security Index Research 2012
  8. Impact of Critical Infrastructure Outages
     • Public Concerns
     • Government Concerns
       – National security
       – National economy
  9. Impact of Critical Infrastructure Outages
     • Public Concerns
     • Government Concerns
     • Business Concerns
       – Business Operations Impact
       – Financial Impact
       – Supply Chain Impact
       – Business Reputation Impact
  10. Impact of Critical Infrastructure Outages
      • Public Concerns
      • Government Concerns
      • Business Concerns
      • Cascade Effect
        – Interconnectedness of systems creates risk of cascade effect. For example, in sequence:
          – Extended power failure
          – Gas and oil pipeline outage
          – Petrol supply shortfall
          – Transportation / logistics shutdown
          – Exhaust just-in-time inventories for hospitals, manufacturers…
  11. What are the threats to your infrastructure?
      • Traditional Physical Threats
        – Destruction / Damage / Disruption
        – Natural disaster / Accidental / Deliberate
  12. What are the threats to your infrastructure?
      • Traditional Physical Threats
        – Destruction / Damage / Disruption
        – Natural disaster / Accidental / Deliberate
      • Traditional Cyber Threats
        – Accidental breaches
        – External hacks
        – Denial of Service
        – Virus / worm infiltration
  13. What are the threats to your infrastructure?
      • Traditional Physical Threats
        – Destruction / Damage / Disruption
        – Natural disaster / Accidental / Deliberate
      • Traditional Cyber Threats
        – Accidental breaches
        – External hacks
        – Denial of Service
        – Virus / worm infiltration
      • Cyber-Physical Threats
        – All of the above
        – Often more susceptible to physical and cyber attacks than purely physical or purely cyber infrastructures
  14. What makes Cyber-Physical systems so vulnerable?
      • Tempting Target:
        – Fragility of cyber-physical systems
        – Ability to “strike from afar”
        – Low “cost of entry”
      • Inadequate security practices
        – “Poor cousin” to both physical and cyber specialists
        – Careless inattention to the basics (authentication practices)
        – Lack of user security training
      • Intentional interconnectedness → Unintended vulnerabilities
        – Internet access for remote support/maintenance can be exploited by hackers
        – Integration of systems across facilities, companies, locations – often using insecure networking protocols (e.g., MODBUS)
      • Long system lifespans without modernising security mechanisms:
        – Lack of upgrades may be due to limited memory / processor capability
        – Original system supplier may no longer exist – so no ongoing support
        – Need for continuous operations prevents system changes or upgrades
  15. Evidence to support this fear
      • [Bar chart: Reported Attacks on US Critical Infrastructure, by year, 2010 to 2013*; vertical axis 0 to 400. * Projection based on 6 months data]
      • [Pie chart: US Critical Infrastructure Targets]
        – Energy: 54%
        – Critical Mfg: 16%
        – Communications: 5%
        – Transportation: 5%
        – Water: 4%
        – InfoTech: 4%
        – Govt Facilities: 4%
        – Commercial Facilities: 3%
        – Nuclear: 3%
        – Postal/Shipping: 1%
        – Public Health: 1%
      Source: US Dept of Homeland Security ICS-CERT
  16. Evidence to support this fear: “Honeypot” test
      • “Honeypot” emulates several types of ICS/SCADA devices and mimics those that are commonly internet facing – with traditional vulnerabilities found across similar systems.
      • First attack occurred 18 hours after the honeypot was activated.
      • And over the next 28 days, attacks originated from the following countries:
        – China: 35%
        – US: 19%
        – Laos: 12%
        – UK: 8%
        – Russia: 6%
        – Brazil: 4%
        – Netherlands: 2%
        – Japan: 2%
        – Poland: 2%
        – Vietnam: 2%
        – Palestinian Territory: 2%
        – Chile: 2%
        – Croatia: 2%
        – North Korea: 2%
      Source: Trend Micro Incorporated Research Paper “Who’s Really Attacking your ICS Equipment”, Author Kyle Wilhoit
  17. Recent cyber attacks on Critical Infrastructure
      • Stuxnet Malware (2010-2012)
        – Sophisticated attack on nuclear manufacturing facilities in Iran
        – US/Israel malware exploits vulnerabilities in Microsoft Windows
      • Power Plant (2012)
        – Plant shut down for three days after technician unknowingly inserts virus infected USB disk
        – US Dept of Homeland Security declines to share additional information
      • Water Supply (2011)
        – Critical pump damaged by Russian hackers
        – Cycled pump on/off until it burned out
      • Rail Network (2011)
        – Hackers manipulated railway company computer systems
        – Disrupted rail service – could have been much worse
      • Chemical Plant (2011)
        – PoisonIvy malware infected systems at more than 48 chemical and defense companies
        – Source of attack traced back to China
  18. Who is responsible for fixing this?
      • Government?
        – Regulations / Legislations / Standards
        – Information Sharing
        – Research
      • Suppliers of CPS systems?
        – Address/fix security vulnerabilities
        – Best practices for implementation
        – Design enhanced security into new releases
      • Organisations that implement and use CPS!!
        – Primary responsibility!
  19. What actions does my company need to take?
      • Assume someone is actively attempting to infiltrate your systems (both information systems and cyber-physical systems)
      • Identify vulnerabilities with security assessments of all systems
        – Internet connections / VPN access
        – Aging operating systems and applications
        – “Auto run” settings for USB devices
        – Poorly configured firewalls
        – Inadequate access controls
      • Include security as key design feature in new/updated systems
      • Don’t work in isolation
        – Government-Business Partnership: Trusted Information Sharing Network (TISN) and Critical Infrastructure Advisory Council (CIAG)
        – Industry Segment User Groups
      • Education/training
        – Awareness of the threat and individual responsibilities
  20. Thank you and Good Luck!
      John S Kendall
      Public Sector and Security Program Director, Asia-Pacific Region, Unisys
      Unisys Australia Pty Limited, Equinox 2, Level 1, 70 Kent Street, Deakin ACT 2600, Australia
      john.kendall@unisys.com
      Office: 1300 088 833
      Direct: +61 2 6274 3571
      Mobile: +61 424 152 034
      Fax: +61 2 6274 3533