Industrial Cyber Warfare Already Here

Itzik Kotler
Itzik KotlerCo-Founder & CTO at SafeBreach
Industrial Cyber Warfare Already Here,[object Object],Itzik Kotler,[object Object],CTO, Security Art,[object Object]
Cyber Warfare,[object Object],Cyber Warfare is the use of electronic communications and the Internet to disrupt a country's telecommunications, power supply, transport system, etc.,[object Object],Cyber Warfare arsenal includes: Logic Bombs, Permanent Denial-of-Service, Advanced Persistent Threats and more.,[object Object]
Let Me Stuxnet You!,[object Object],Today it’s a country that seeks to destroy another nation and tomorrow it’s a commercial company that seeks to make a rival company go out of business. An act of Industrial Cyber Warfare.,[object Object],A successfully delivered Industrial Cyber Warfare attack causes financial loss, operation loss, or both to the attacked company!,[object Object]
Industrial Cyber Warfare: Why & Who?,[object Object],Industrial Espionage,[object Object],Rival Companies,[object Object],Foreign Countries,[object Object],Terrorism,[object Object],Political/Social Agenda,[object Object],Revenge,[object Object],Blackmailing,[object Object],Greed, Power and etc.,[object Object]
1st Step: Getting In,[object Object],Getting infected with malware is usually much easier than detecting it, or getting rid of it.,[object Object],Delivery vectors:,[object Object],Client-side Vulnerabilities,[object Object],Social Networks,[object Object],Social Engineering,[object Object]
Permanent Denial-of-Service,[object Object],Permanent Denial-of-Service is an attack that damages hardware so badly that it requires replacement or reinstallation of hardware.,[object Object],The damage potential is on a grand scale, almost anything and everything is controlled by software that can be modified or attacked,[object Object]
How Permanent Denial-of-Service Works?,[object Object],Pushing hardware to its extreme, or corrupt its internal program/data structures,[object Object],Permanent Denial-of-Service Attacks:,[object Object],Overvolting,[object Object],Overclocking,[object Object],Overusing,[object Object],Power Cycling,[object Object],Phlashing,[object Object]
2nd Step: Attacking Hardware,[object Object],Permanent Denial-of-Service attacks are ranging from rendering devices such as iPhones, iPod and iPads useless to crashing hard drives, and to increasing the voltage within CPU’s.,[object Object],Permanent Denial-of-Service attacks can be independent, orchestrated, remotely triggered and etc. ,[object Object]
Scenario #1: Attacking the CEO’s iPad,[object Object]
Scenario #2: Attacking the CRM/ERP ,[object Object]
Scenario #3: Taking down the Company ,[object Object]
Industrial Cyber Warfare Already Here,[object Object],Cyber Warfare is expected to hit the commercial market in the next few years and we will see more and more companies been attacked by APT that will “blow up” in their face.,[object Object],There is no silver bullet for it, this threat requires a threat modeling that reflects not only technological understanding but also business understanding of the company and it’s assets.,[object Object]
Thanks!Questions are guaranteed in life; Answers aren't.,[object Object],mailto: itzik.kotler@security-art.com,[object Object]
1 of 13

Industrial Cyber Warfare Already Here

Download to read offline
Itzik Kotler
Itzik KotlerCo-Founder & CTO at SafeBreach

Recommended

Building Security Controls around Attack Models by
Building Security Controls around Attack ModelsBuilding Security Controls around Attack Models
Building Security Controls around Attack ModelsSeniorStoryteller
1.4K views32 slides
Goodbye Data, Hello Exfiltration by
Goodbye Data, Hello ExfiltrationGoodbye Data, Hello Exfiltration
Goodbye Data, Hello ExfiltrationItzik Kotler
707 views28 slides
Menlo Security Isolation Platform by
Menlo Security Isolation PlatformMenlo Security Isolation Platform
Menlo Security Isolation PlatformMarco Scala
447 views14 slides
Introduction to security testing by
Introduction to security testingIntroduction to security testing
Introduction to security testingNagasahas DS
731 views12 slides
Анализ тенденций рынка информационной безопасности by
Анализ тенденций рынка информационной безопасностиАнализ тенденций рынка информационной безопасности
Анализ тенденций рынка информационной безопасностиAleksey Lukatskiy
5.3K views18 slides
In Plain Sight: The Perfect Exfiltration by
In Plain Sight: The Perfect ExfiltrationIn Plain Sight: The Perfect Exfiltration
In Plain Sight: The Perfect ExfiltrationItzik Kotler
333 views33 slides

More Related Content

Featured

ChatGPT and the Future of Work - Clark Boyd by
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd Clark Boyd
23.4K views69 slides
Getting into the tech field. what next by
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next Tessa Mero
5.6K views22 slides
Google's Just Not That Into You: Understanding Core Updates & Search Intent by
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentLily Ray
6.3K views99 slides
How to have difficult conversations by
How to have difficult conversations How to have difficult conversations
How to have difficult conversations Rajiv Jayarajah, MAppComm, ACC
4.9K views19 slides
Introduction to Data Science by
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data ScienceChristy Abraham Joy
82.2K views51 slides
Time Management & Productivity - Best Practices by
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesVit Horky
169.7K views42 slides

Featured(20)

ChatGPT and the Future of Work - Clark Boyd by Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
Clark Boyd23.4K views
Getting into the tech field. what next by Tessa Mero
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
Tessa Mero5.6K views
Google's Just Not That Into You: Understanding Core Updates & Search Intent by Lily Ray
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Lily Ray6.3K views
How to have difficult conversations by Rajiv Jayarajah, MAppComm, ACC
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
Rajiv Jayarajah, MAppComm, ACC4.9K views
Introduction to Data Science by Christy Abraham Joy
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
Christy Abraham Joy82.2K views
Time Management & Productivity - Best Practices by Vit Horky
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
Vit Horky169.7K views
The six step guide to practical project management by MindGenius
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
MindGenius36.6K views
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright... by RachelPearson36
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
RachelPearson3612.6K views
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present... by Applitools
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Applitools55.5K views
12 Ways to Increase Your Influence at Work by GetSmarter
12 Ways to Increase Your Influence at Work12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work
GetSmarter401.7K views
ChatGPT webinar slides by Alireza Esmikhani
ChatGPT webinar slidesChatGPT webinar slides
ChatGPT webinar slides
Alireza Esmikhani30.3K views
More than Just Lines on a Map: Best Practices for U.S Bike Routes by Project for Public Spaces & National Center for Biking and Walking
More than Just Lines on a Map: Best Practices for U.S Bike RoutesMore than Just Lines on a Map: Best Practices for U.S Bike Routes
More than Just Lines on a Map: Best Practices for U.S Bike Routes
Project for Public Spaces & National Center for Biking and Walking6.9K views
Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G... by DevGAMM Conference
Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...
Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...
DevGAMM Conference3.6K views
Barbie - Brand Strategy Presentation by Erica Santiago
Barbie - Brand Strategy PresentationBarbie - Brand Strategy Presentation
Barbie - Brand Strategy Presentation
Erica Santiago25.1K views
Good Stuff Happens in 1:1 Meetings: Why you need them and how to do them well by Saba Software
Good Stuff Happens in 1:1 Meetings: Why you need them and how to do them wellGood Stuff Happens in 1:1 Meetings: Why you need them and how to do them well
Good Stuff Happens in 1:1 Meetings: Why you need them and how to do them well
Saba Software25.2K views
Introduction to C Programming Language by Simplilearn
Introduction to C Programming LanguageIntroduction to C Programming Language
Introduction to C Programming Language
Simplilearn8.4K views
The Pixar Way: 37 Quotes on Developing and Maintaining a Creative Company (fr... by Palo Alto Software
The Pixar Way: 37 Quotes on Developing and Maintaining a Creative Company (fr...The Pixar Way: 37 Quotes on Developing and Maintaining a Creative Company (fr...
The Pixar Way: 37 Quotes on Developing and Maintaining a Creative Company (fr...
Palo Alto Software88.4K views
9 Tips for a Work-free Vacation by Weekdone.com
9 Tips for a Work-free Vacation9 Tips for a Work-free Vacation
9 Tips for a Work-free Vacation
Weekdone.com7.2K views
I Rock Therefore I Am. 20 Legendary Quotes from Prince by Empowered Presentations
I Rock Therefore I Am. 20 Legendary Quotes from PrinceI Rock Therefore I Am. 20 Legendary Quotes from Prince
I Rock Therefore I Am. 20 Legendary Quotes from Prince
Empowered Presentations142.9K views
How to Map Your Future by SlideShop.com
How to Map Your FutureHow to Map Your Future
How to Map Your Future
SlideShop.com275.1K views

Industrial Cyber Warfare Already Here

  • 1.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.

Editor's Notes

  1. Is there a loophole from which malicious software can enter your network?How would your monitoring devices react once the Trojan or virus has penetrated your network?How would your employees respond? How does your organization cope with the identified threat?How much time and effort is required to rectify and purge the threat?