Cyber Security for Critical Infrastrucutre-ppt
•
0 likes•552 views
The document discusses cyber security threats to critical infrastructure and the need for proactive cyber defense. It notes that cyber attacks are becoming more sophisticated and professional. Zero-day vulnerabilities pose one of the biggest threats since there are no existing defenses. It also discusses how security of industrial control systems is changing as these systems become more interconnected and integrated with other networks. Fuzz testing and maturity models for fuzz testing are introduced as important methods for detecting unknown vulnerabilities. Maintaining security will require managing both known and unknown vulnerabilities through approaches like fuzz testing.
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (20)
Similar to Cyber Security for Critical Infrastrucutre-ppt
Similar to Cyber Security for Critical Infrastrucutre-ppt (20)
Cyber Security for Critical Infrastrucutre-ppt
- 1. @codenomicon CYBER SECURITY FOR CRITICAL INFRASTRUCTURE Mohit Rampal - Regional Manager South Asia
- 2. 10/9/2015© 2014 All Rights Reserved 2 • Cyber Attacks: Internet-based incidents involving politically or financially motivated attacks on information and information systems. • Zero-day Vulnerabilities, Or Unknown Vulnerabilities: Software flaws that make exploitation and other illegal activities towards information systems possible • Proactive Cyber Defense: acting in anticipation to oppose an attack against computers and networks. CYBER THREATS : MORE PROFESSIONAL & SOPHISTICATED
- 3. 10/9/2015© 2014 All Rights Reserved 3 • Zero-day exploits, the biggest threat to security as there are no defenses against them and the attacks can go unnoticed. • Security landscape is changing: Governments, critical infrastructure providers and defense organizations increasingly rely on the Internet to perform mission-critical operations • India , a soft state , 7500 km’s of coastline running through 9 states and 4 union territories • Proactive Cyber Defence or active cyber defence (ACD) Is the Key way forward • US, China etc. Spending on Cyber Security for Homeland defense & increase of Cyber Units & Cyber Warriors • Cybercrime costs the United States approximately $100 billion annually • Vulnerable Verticals : Energy & Utilities, Financial Organizations, Telecom, Defense & Paramilitary Forces, Manufacturing etc WHY CYBER DEFENSE
- 4. 10/9/2015© 2014 All Rights Reserved 4 LESSONS FROM PAST CYBER ATTACKS • Cyber attacks accompany physical attacks • Cyber attacks are increasing in volume, sophistication, and coordination • Cyber attacks are attracted to high- value targets 4
- 5. 10/9/2015© 2014 All Rights Reserved 5 CHANGING LANDSCAPE IN ICS THREATS…
- 6. 10/9/2015© 2014 All Rights Reserved 6 BRAVE NEW WORLD WHAT WE HAD THEN WHAT WE HAVE NOW Corporate private servers and data storage Distributed data processing and storage Controlled access: Corporate issued laptops, closed ecosystem handsets… Ubiquitous access: BYOD, open platforms Isolated domains: Industrial Control Systems, Healthcare devices, Mil/Gov Networks Previously isolated domains getting interconnected: Remote connections to ICS systems, robots for remote surgery Proprietary protocols for communication and custom made HW/SW IP protocols, COTS HW, Open Source and commercial libraries for SW What about our defenses Antivirus, Firewall, IPS ???
- 7. 10/9/2015© 2014 All Rights Reserved 7 INDIA AND APAC ABUSE 09-10-2015 ©Copyright Codenomicon 7
- 8. 10/9/2015© 2014 All Rights Reserved 8 SECURITY IN ICS Designed to be isolated Connectivity over serial analogue circuits = Attacker needed to gain physical access to carry out attack Protocol designed for communication between trusted devices Protocols contain very little security features, such as encryption
- 9. 10/9/2015© 2014 All Rights Reserved 9 SECURITY IN ICS • ICS systems interconnected with outside world using IP-based communications and control networks were integrated into larger corporate networks… • Reducing costs • Improve efficiency • Exposure to external attacks • Almost all ICS devices are either directly or indirectly connected to internet • New Attack Surfaces • The need to separate the corporate and production network is well known – Often leads to ignorance of other equally critical interfaces • Trusted third parties still having access to ICS network… – Vendors?, System integrators?, Control engineers? • Not forgetting, WebHMI, Wireless connection exposure • Compromising security through end points 10/9/2015 9
- 10. 10/9/2015© 2014 All Rights Reserved 10 THE KNOWN AND THE UNKNOWN Known Vulnerability ManagementKnown Vulnerability Management Unknown Vulnerability Management (UVM)Unknown Vulnerability Management (UVM) Vulnerability Management Total Vulnerability Management SAST Approach 1980- PC Lint, OSS, Coverity, Fortify, IBM, Microsoft ... Whitebox testing DAST Approach 2000- Fuzzing: Codenomicon Defensics, Peach, Sulley Blackbox testing 1995-2000 Satan/Saint 1999- Nessus, ISS 2000- Qualys, HP, IBM, Symantec ... 2013: Codenomicon AppCheck ReactiveProactive Bottom line: All systems have vulnerabilities. - Both complimentary categories needs to be covered.
- 11. 10/9/2015© 2014 All Rights Reserved 11 11 UNKNOWN VULNERABILITY MANAGEMENT (UVM) • Another name: Zero-Day Vulnerability Management • Process of: • Detecting attack vectors • Finding zero-day vulnerabilities • Building defenses • Performing patch verification • Deployment in one big security push
- 12. 10/9/2015© 2014 All Rights Reserved 12 • A testing technique where purposefully unexpected and/or invalid input data is fed to tested system in hope to find robustness and security problems • Mutation/Template-Based Fuzzing • Quality of tests is based on the used template (seed) and mutation technique • Slow to execute, least bugs found • Generational/Specification-Based Fuzzing • Full test coverage, as the model is built from specification • Fast to execute, most bugs found WHAT IS FUZZING & TYPES OF FUZZING TECHNOLOGIES
- 13. 10/9/2015© 2014 All Rights Reserved 13 FUZZ TESTING MATURITY MODEL (FTMM) • Based on ISO/IEC 15504 framework • Has 5 maturity levels (+ zero level for immature) • Created to help in understanding the FTMM of a computer system or software • Differentiates system and interface level • Does NOT address organizational or process maturity (BSIMM, Microsoft SDLC, Cisco SDLC, etc. should be used for this) • Each level defines • Types of fuzz that needs to be performed • Time that has to be spent fuzzing • Amount of fuzz tests needed • Additional metrics required to reach the level
- 14. 10/9/2015© 2014 All Rights Reserved 14 FTMM MATURITY LEVELS 0 – Immature 1 – Initial 2 - Defined 3 - Integrated 4 – Managed TypesofFuzzing required 5 - Optimized Fuzztestsrequired Fuzztimerequired Attacksurface analysisrequired Typesof instrumentation required Typesoffailures allowedtoremain Fuzzingneedstobepartof organizationsSDLC Testharnessintegration Manualexecution Otherrequirements Testreportmustgenerated G (T) O,A,DG, T, R G and T G, T, R G) Generational, model based fuzzer T) Template/Mutational Fuzzer R) Random Fuzzer 1) Must use two different fuzzers 2) For each type of fuzzing Infinite (2 1 hour 1000000 1000000 (G) 5000000 (T) Infinite (2 100000 8 hours 8 hours 30 days 7 days AS) non-DsS assertions, must be noted M) Must be mandatorily done Y) It is required that tests are also manually executed U) Must use two different fuzzers for each type B) Baseline test configuration must be documented T or G O AS, TR A A O B none M X, C none XTR O) Human observation A) Automated instrumentation required D) Debugger integrated monitoring X) Required C) Code coverage/binary analysis required TR) Transient errors allowed, must be noted TR X M X Y X X X X X B, U X X X B
- 15. THANK YOU – QUESTIONS?