Your SlideShare is downloading. ×
Industrial Cyber Warfare Already Here
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Industrial Cyber Warfare Already Here

1,511
views

Published on


0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,511
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
27
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • Is there a loophole from which malicious software can enter your network?How would your monitoring devices react once the Trojan or virus has penetrated your network?How would your employees respond? How does your organization cope with the identified threat?How much time and effort is required to rectify and purge the threat?
  • Transcript

    • 1. Industrial Cyber Warfare Already Here
      Itzik Kotler
      CTO, Security Art
    • 2. Cyber Warfare
      Cyber Warfare is the use of electronic communications and the Internet to disrupt a country's telecommunications, power supply, transport system, etc.
      Cyber Warfare arsenal includes: Logic Bombs, Permanent Denial-of-Service, Advanced Persistent Threats and more.
    • 3. Let Me Stuxnet You!
      Today it’s a country that seeks to destroy another nation and tomorrow it’s a commercial company that seeks to make a rival company go out of business. An act of Industrial Cyber Warfare.
      A successfully delivered Industrial Cyber Warfare attack causes financial loss, operation loss, or both to the attacked company!
    • 4. Industrial Cyber Warfare: Why & Who?
      Industrial Espionage
      Rival Companies
      Foreign Countries
      Terrorism
      Political/Social Agenda
      Revenge
      Blackmailing
      Greed, Power and etc.
    • 5. 1st Step: Getting In
      Getting infected with malware is usually much easier than detecting it, or getting rid of it.
      Delivery vectors:
      Client-side Vulnerabilities
      Social Networks
      Social Engineering
    • 6. Permanent Denial-of-Service
      Permanent Denial-of-Service is an attack that damages hardware so badly that it requires replacement or reinstallation of hardware.
      The damage potential is on a grand scale, almost anything and everything is controlled by software that can be modified or attacked
    • 7. How Permanent Denial-of-Service Works?
      Pushing hardware to its extreme, or corrupt its internal program/data structures
      Permanent Denial-of-Service Attacks:
      Overvolting
      Overclocking
      Overusing
      Power Cycling
      Phlashing
    • 8. 2nd Step: Attacking Hardware
      Permanent Denial-of-Service attacks are ranging from rendering devices such as iPhones, iPod and iPads useless to crashing hard drives, and to increasing the voltage within CPU’s.
      Permanent Denial-of-Service attacks can be independent, orchestrated, remotely triggered and etc.
    • 9. Scenario #1: Attacking the CEO’s iPad
    • 10. Scenario #2: Attacking the CRM/ERP
    • 11. Scenario #3: Taking down the Company
    • 12. Industrial Cyber Warfare Already Here
      Cyber Warfare is expected to hit the commercial market in the next few years and we will see more and more companies been attacked by APT that will “blow up” in their face.
      There is no silver bullet for it, this threat requires a threat modeling that reflects not only technological understanding but also business understanding of the company and it’s assets.
    • 13. Thanks!Questions are guaranteed in life; Answers aren't.
      mailto: itzik.kotler@security-art.com