2. Novian Christanto
● 1998 – 2002
Physical Engineering , Sepuluh Nopember Institute of Technology
● 2002 – 2006
Software Developer (Database , ERP)
● 2006 – 2010
Control System :
- DCS
- SCADA
● 2010 - 2011
Mobile Developer (Blackberry, Android)
● 2011 – Now
Solution and Control System :
- SCADA
- Network and Security
- Solution Based on Software
Solution Specialist at Yokogawa Indonesia
5. How Malware Spread
Computer with weak password
Open Port
Vulnerable RPC (Remote Procedure Call)
Removable devices, such External HD
and USB Stick
Computer with open shares
Computer without the latest security
updates
6. in depth malware
● Malware contain of a lot of application function
● Malware specific to Operating System
7. Stuxnet Case Study
● Stuxnet attack Iran Nuclear Program
● Enter a system via a USB stick
● Proceeds to infect all machine running Microsoft Windows
● Siemens PCS 7, WinCC and STEP 7 industrial software application
● S7 PLC
● Stuxnet is unusually large at half a megabyte in size, and written in several
different programming languages (including C and C++) which is also
irregular for malware
9. How Stuxnet Work
HMI PLC
Services
Application
Stuxnet
Frequency Drives
807 Hz and 1.210Hz
Frequency Drives
2 Hz and 1.064 Hz
Vacon based in Finland and
Fararo Paya based in Iran
10. Organization Crime
Money
Angry Person
- Customer dissatisfaction
- Unsatisfied former
employee
Hacktivists
- Destruction
- Political influence
Script kiddies
- Test skill
- Excitement and fun
Competitor
Competitive advantage
Cyber Attack Motivation
13. Cyber Security Common Myths on
Industrial Automation
● We don’t connect to the Internet
● Our facility is not a target
● Hackers don’t understand control system