THE THREAT TO THE SMART GRID IS WORSE THAN WE THINK
Robert M. Hinden
Check Point Software
Session ID: HT-R35B
Session Classification: Intermediate

OVERVIEW
► Smart Grid Overview
► The Problem
► Challenges
► Solutions

WHAT IS THE SMART GRID?
► IP Networking of the Electrical Power Network
► Substations, distribution network, transmission networks, smart meters, homes/businesses
► Worldwide Investment
► Biggest upgrade to electrical power infrastructure in many years
► $3.4B of US Stimulus funds toward electric grid projects
► Clear Return on Investment
► Real time measurement of power consumption allowing better coupling of generation to usage
► Remote adds/disconnects, meter reading, etc.

THE SMART GRID
(http://deepresource.files.wordpress.com/2012/04/smart-grid-concept.png)

SMART GRID COMPONENTS
► Networking Power Production and Distribution Infrastructure
► NERC-CIP – Federal Critical Infrastructure protection
► IEC 61850 – How do you network Infrastructure
► IEEE 1613 – Environmental requirements for Substations
► Smart Meters
► Allow real time power measurement and remote disconnect / reconnect
► Home / Corporate Networks
► Gateway to electric power devices inside home or corporation

THE PROBLEM

THE PROBLEM
► It’s obvious that we want a secure Smart Grid
► Who wants hackers to turn off the power?
► The attacks are evolving faster than the current security solutions
► Energy companies and traditional electrical equipment vendors are not exactly security experts

THE PROBLEM (continued)
► The problem is similar to what enterprises face today
► But the consequences of an attack are much greater
► Internet attacks where credit cards are stolen or corporate data is compromised are troublesome
► But they don’t cause people to die
► Attacks on the power infrastructure have consequences ranging from
► Turning off the power
► Disruption of traffic and transportation systems
► Killing people by turning off life support in hospitals

US DHS INDUSTRIAL CONTROL SYSTEMS CERT 2012 REPORT
41% of incidents reported and investigated in 2012 were energy related (82 out of 198)
(http://www.us-cert.gov/control_systems/pdf/ICS-CERT_Monthly_Monitor_Oct-Dec2012.pdf)

2012 EXAMPLES
► Cyber Attack on European Renewable Power Grid
► 5 day attack kept communication systems offline [1]
► Power Generation Facility
► Malware in control system [2]
► Virus Infection at Electric Utility
► Virus in turbine control system [2]
[1] http://www.euractiv.com/energy/european-renewable-power-grid-ro-news-516541
[2] http://ics-cert.us-cert.gov/pdf/ICS-CERT_Monthly_Monitor_Oct-Dec2012.pdf

CHALLENGES

CURRENT SMART GRID SECURITY
► Hard Exterior, Soft Interior model
► Firewalls around the edges
► VPNs between devices and management/data centers
► This isn’t adequate

USB STICK ATTACKS
► USB is a very common attack vector
► STUXNET was initially spread by infected USB sticks
► Connection to the Internet isn’t the only attack vector

WiFi CONTROLLED SWITCHES
► Remote control of High Voltage Switches
► Talking to one vendor at a power tradeshow
► “we use passwords to secure the access”
► That’s going to work…

EQUIPMENT WITH DEFAULT ACCESS
► ICSA-12-354-01 RUGGEDCOM
► Hard-coded RSA SSL private key identified in RuggedCom’s Rugged Operating System (ROS).
► ICSA-12-243-01 GARRETTCOM
► The Magnum MNS-6K Management Software uses an undocumented hard-coded password
► ICSA-12-214-01 SIEMENS
► Siemens Synco OZW devices are shipped with a default password protecting administrative functions

SOLUTIONS

WHAT NEEDS TO BE DONE
► Hard Exterior / Soft Interior model is not adequate
► Attacks will come from the inside
► Broad and dynamic security measures are needed
► Malware detection
► IPS to inspect control protocols
► Anti-Bot software
► Antivirus and Anti-Malware on all control computers
► Dedicated and general purpose
► Maybe using Windows (especially XP) for controllers isn’t a good idea
► Frequent updates of software and signatures are critical
► Security awareness of staff needs to be improved

SUMMARY
► The Smart Grid is the IP Networking of the electrical power network
► Current approaches to Smart Grid security are not adequate
► Broad and dynamic security measures are needed

QUESTIONS?
THANK YOU
