African Cyber Security Summit
3-5 April 2018, Oran, Algeria.
Conference: A Holistic Approach to Industrial Cybersecurity
Faiz Djellouli
Head of CITI Cybersecurity Services / CISO
ENGIE - Global Business Consulting
Speaker
Faïz DJELLOULI
ENGIE | Global Business Support
Head of CITI Cybersecurity – CISO
« Govern » · « Operate » · « Investigate & Advise » · « Remediate » · « Assess » (vertically integrated)
The GBS Cybersecurity Competence Center of ENGIE
« A holistic service delivery center, from governance to operations »
- 40 people
- 24/7 incident remediation capabilities
- Worldwide range
ENGIE in a nutshell
Core Businesses
ENGIE Building the energy revolution: the 4 structural trends
Working towards a digital customer offer by exploiting the technological revolution and digital transformation, notably by providing e-Services.
• Implies Digital Trust
• Through Cyber Resilience
What is an Industrial Control System?
Power Plants Petrochemicals
Water Renewable
Industrial Control Systems (ICS) are all systems used for the real-time monitoring and centralised
control of remote and local industrial equipment (e.g. engines, valves, pumps, relays).
ICS typically include Programmable Logic Controllers (PLC), Distributed Control Systems (DCS),
Supervisory control and data acquisition software (SCADA), Safety instrumented systems (SIS), Sensors and
actuators, fieldbus, etc.
Traditional Information Systems vs. Industrial Control Systems (ICS)
- Availability. Traditional IS: operating during office hours (reboot is acceptable). ICS: 24x365 stable operations (no reboot authorized).
- Incident impacts. Traditional IS: image and financial impacts (industrial espionage, data thefts, fraud). ICS: damages to persons or environment, critical infrastructure service disruption, equipment deterioration.
- Lifespan. Traditional IS: 3-5 years. ICS: 10-20 years.
- Data processing speed. Traditional IS: less impacted by system response delay. ICS: real-time response needed.
What is IoT?
The Internet of things (IoT) is the network of physical devices, vehicles, home appliances and other items embedded with electronics, software, sensors, actuators, and connectivity which enables these objects to connect and exchange data.
07/03/2018 AWARENESS SESSION - CYBERSECURITY IN OFFICE AND INDUSTRIAL NETWORKS 6
• Sensor (measure something)
• Internet connectivity
• Processor (calculation/processing capabilities)
• (is) Energy efficient
• (is) Cost effective
• (has) Liability
• (with) Security
Our (wider) definition: A connected device which can be queried or controlled remotely through Internet or any private network (Power/Gas smart metering …)
How IoT vulnerabilities affect us in everyday life
Threat landscape on ICS: Global growing threats
• 64199 security incidents occurred in over 82 countries across a variety of industries
• Just 10 vulnerabilities accounted for 85% of successful exploitations last year
• Email attachments are the #1 delivery vehicle for malware
• 3 min 40 s: the time to get the first click on a malicious attachment or URL after the beginning of a phishing attack
• In 93% of data breaches, compromise occurred in minutes or less
• 50% of exploits happen between 10 and 100 days after the vulnerability is published (median = 30 days)
• 63% of confirmed data breaches involved weak, default, or stolen passwords
• 37% of data breaches are attributed to internal attackers and maintainers
Source: Verizon – data breach report
Threat landscape on ICS: getting more exposed
• With digitalization, ICS are more (inter)connected, using more standard (vulnerable) technologies, more accessible by external counterparts and from remote premises, with more automation, etc.
• Attackers and threat vectors are becoming more structured.
• …and people (users, managers, subcontractors) are not aware enough of cyber risks!
[Figure: threat actors and purposes plotted by IMPACT and LIKELIHOOD]
Who? Script Kiddies, Hacker team (structured group), State agency
Purpose? Opportunistic attacks (mass infection), Extortion (Ransomware), Spying, Cyber War, Cyber Terrorism
It is not only a reality, it is a business
Cybercrime has become a very profitable “business”
• $126 billion: global price tag of consumer cybercrime
• 689 million victims per year
• 10% increase of victims number since 2015
[source: Norton Cybercrime report 2016]
Underground data market
- European passports: 1200$
- 1 million email address: 10$ to 150$
- AmEx Credit Card: 30$
- Bank auth. info: 1% to 5% of balance
- False int. driver license: 173$
- 300 000 airline points: 90$
Cybercriminal services
- DDoS attack: 5$/hour
- Ransomware: < 100$
- Remote access: 5$ to 10$
- Hacking tutorial: 20$ to 40$
A first example
An IoT solution in an Industrial environment for LNG leakage detection
Peripheral capable of transmission or reception of radio signals + 2.4 GHz antenna: HackRF used.
Open source radio software.
~350 euros
Vulnerabilities (#, vulnerability, risk level / priority, description):
- V-01, Attack by replaying frame (High): An attacker can replay recorded frames. The incremental ID is not checked on the server side.
- V-02, Acknowledgement of unencrypted messages (High): An unencrypted frame sent by a sensor that should encrypt its messages is acknowledged and processed on the server side.
- V-03, Acknowledgement of messages from an unregistered sensor (Very High): A frame from an unregistered sensor is acknowledged. The sensor's ID in the frame is not checked on the server side.
Subcontractor solution supposedly secured, but
pentesting showed the contrary…
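One way the server side could close findings V-01 to V-03 above, as an added example that is not the subcontractor's or ENGIE's code. The frame layout, the HMAC tag standing in for the sensor's encryption, and all names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

# Hypothetical frame layout (not from the slides):
#   sensor_id (4 bytes) | counter (4 bytes) | flags (1 byte) | payload | tag (16 bytes)
HEADER = struct.Struct(">IIB")
FLAG_PROTECTED = 0x01   # set when the frame carries an authentication tag
TAG_LEN = 16            # truncated HMAC-SHA256, standing in for real encryption


def build_frame(sensor_id, counter, payload, key=None):
    """Sensor side: serialize a frame, tagged when a key is supplied."""
    flags = FLAG_PROTECTED if key is not None else 0
    body = HEADER.pack(sensor_id, counter, flags) + payload
    if key is None:
        return body
    return body + hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]


class FrameGate:
    """Server side: decides whether a received frame may be acknowledged."""

    def __init__(self, registry):
        self._keys = dict(registry)                  # sensor_id -> shared key
        self._last = {sid: -1 for sid in registry}   # highest counter accepted

    def accept(self, frame):
        if len(frame) < HEADER.size:
            return "malformed"
        sensor_id, counter, flags = HEADER.unpack_from(frame)
        key = self._keys.get(sensor_id)
        if key is None:
            return "unregistered"      # V-03: sensor ID checked against registry
        if not flags & FLAG_PROTECTED:
            return "unprotected"       # V-02: no downgrade to plain frames
        if len(frame) < HEADER.size + TAG_LEN:
            return "malformed"
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return "bad_tag"
        # The counter is checked only after the tag, so a forged frame
        # cannot advance it and lock out the genuine sensor.
        if counter <= self._last[sensor_id]:
            return "replay"            # V-01: incremental ID must increase
        self._last[sensor_id] = counter
        return "ok"


def demo():
    """Run constructed frames through the gate and return each verdict."""
    key = b"\x11" * 32                                # constructed test key
    gate = FrameGate({0x1001: key})
    good = build_frame(0x1001, 1, b"\x00\x2a", key)
    nxt = build_frame(0x1001, 2, b"\x00\x2a", key)
    tampered = nxt[:-1] + bytes([nxt[-1] ^ 0x01])     # one tag bit flipped
    return [
        gate.accept(good),                                      # first delivery
        gate.accept(good),                                      # same frame again
        gate.accept(build_frame(0x1001, 2, b"\x00\x2a")),       # plain frame
        gate.accept(build_frame(0x2002, 1, b"\x00\x2a", key)),  # unknown sensor
        gate.accept(tampered),                                  # altered tag
    ]


if __name__ == "__main__":
    print(demo())
```

The counter and sensor ID sit inside the authenticated body, so neither can be rewritten in transit without invalidating the tag.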
Security Expedition: a more global and structured approach
• CITI has designed a service named Security Expedition to accelerate the implementation of cyber security, whatever the maturity of the entity.
• It consists of performing a 360° assessment with a dual risk / compliance approach.
[Diagram: SCADA Systems, Industrial Plant, IT/OT, Data center, Business Continuity plan, Data Privacy, Secret Info]
Focus on combinatorial attacks – Human, physical and cyber
• Most ICS business impact analyses show that an isolated cyber attack on process control systems cannot lead to a safety hazard.
• Such an incident would require a combination of human, cyber and physical attacks, or cyber attacks on both process and safety control systems, e.g.:
— Lack of rigor in the management of safety inhibits / bypasses / overrides
— Hardware failure
— Physical sabotage of safety emergency shutdown systems
— Cyber attack on safety emergency shutdown systems (especially true when there is no process/safety segmentation)
Oct. 6th 2017 Strategy Expedition - APAC - Singapore - Awareness session 13
Case study in Critical Energy Infrastructure for
European project DEFENDER (H2020 Program)
Focus on combinatorial attacks – Human, physical and cyber
• It has been shown that one of the most efficient ways to take control over an industrial network is through a combination of human, physical and cyber attacks.
• Ex.: Tech Insiders – Watch hackers break into the US power grid (https://www.youtube.com/watch?v=pL9q2lOZ1Fw)
Cyber-attacks on ICS in the News…
• A teenager converted a television remote controller into a device capable of controlling all the junctions on the line. The rear wagon then swung off the rails and crashed into another passing tram.
• Security breach exploited by a hacker in Dallas to set off 156 emergency sirens for about 2 hours during the night.
Cyber-attacks on Industrial plants in the News…
• Employees targeted by social engineering through mail campaigns with a malicious Excel file attached. Attackers infected the office network, retrieved VPN access to the industrial network and caused a power blackout over Christmas. 80,000 to 1.4 million people impacted. 6 hours – blackout.
• Factory operators targeted by social engineering and phishing attacks. The BSI’s report described this attack vector as “an advanced social engineering” attack. Process control and safety systems impacted. The steel works was stopped (stopping = irreversible process with massive damage to the production tool). Damages evaluated at 10-20 M€, whereas a steel mill factory costs 100 M€.
Huge impacts could come with Cyber Attacks
• Two researchers have proved the extreme vulnerability of the Spanish smart meters provided by "M**** and M***" that equip ENDESA. Blackout risks, impersonation, fraud, targeted maliciousness against a given meter ...
• Stuxnet successfully infected machines in a network that is not connected to the Internet. The malware spread by infecting other computers on the local network or via USB keys until it reached OT workstations. The virus modified the engineering workstation and exploited 4 unknown critical vulnerabilities affecting Windows OS.
IoT cyber security attacks in the headlines
Cybersecurity strategy: an E2E vertical approach
• Starts with Top Management awareness and understanding
• Specific end-to-end cybersecurity governance IT&OT
• Identify and organize important functions with an inclusive and transversal approach
Reaction: Forensics; Confine and eradicate threat; Repair systems
Detection: Monitoring of critical assets to identify cyberattacks (or attempts); Threat analysis…
Protection: Security « by design »; Organizational, technical and physical measures; Contract clauses
Governance: Risk analysis; Policies; Security watch; Audits and controls; Awareness
Cybersecurity strategy: working in a network (horizontal)
Customers / End users
• Self-assessments and comprehensive risk approach (IT / OT)
• Integrate security into processes (project, maintenance, monitoring, third party ...)
State Agencies / Regulator / Clubs and Associations
• Provide a realistic legislative framework
• Qualify solutions
• Raise awareness (especially in small structures)
Security Solutions Providers
• Propose solutions adapted to various contexts
• Innovate, anticipate and respond quickly to threats
ICS Vendors / Integrators
• Integrate security into solutions
• Think about innovation with security in mind
Ecosystem with interdependent actors
Not been hacked yet?
“There are only two types of companies: those that have been hacked, and those that will be”
FBI Director Robert Mueller – 2012
UPDATE SUGGESTION - 2018: replace “will be” with “do not know it yet”
Faïz DJELLOULI
Head of CITI Cybersecurity Services / CISO
faiz.djellouli@engie.com
+33669722964
An NGUYEN
Deputy Head of CITI Cybersecurity Services / CISO
an.nguyen@engie.com
Thank you for your attention !
Any Questions ?

ENGIE Conference, ACSS 2018
