SlideShare a Scribd company logo

SCADA Systems and Criminal Profiles

Alessio Pennasilico
Alessio Pennasilico

This document discusses security risks related to SCADA systems and critical infrastructure. It outlines various threat profiles including blockbuster-watching operators, worms that have infected nuclear plants, disgruntled employees conducting sabotage, state-sponsored hacking of gas utilities, and intentionally flawed software leading to pipeline explosions. Recent incidents are described like road signs being hacked to say "Zombies Ahead". The document argues that all infrastructure is at risk from distracted insiders, casual hackers, and motivated attackers. However, technological tools, organizational strategies, and standards exist to prevent and mitigate risks and attacks.

Technology
1 of 21
Download to read offline
Sistemi SCADA e profili criminali di cosa ci dobbiamo preoccupare? Roma, 6 Aprile 2011 Alessio L.R. Pennasilico mayhem@alba.st twitter: mayhemspp FaceBook: alessio.pennasilico
$ whois mayhem Security Evangelist @ Board of Directors: CLUSIT, Associazione Informatici Professionisti (AIP/OPSI), Associazione Italiana Professionisti Sicurezza Informatica (AIPSI), Italian Linux Society (ILS), OpenBSD Italian User Group, Hacker’s Profiling Project Sistemi SCADA e profili criminali mayhem@alba.st 2
Infrastrutture critiche I sistemi SCADA possono gestire automazione industriale centrali elettriche fornitura di gas o acqua comunicazioni trasporti Sistemi SCADA e profili criminali mayhem@alba.st 3
Di chi mi devo preoccupare?
Blockbuster “Il sistema di gestione della centrale elettrica non rispondeva. L’operatore stava guardando un DVD sul computer di gestione” CSO di una utility di distribuzione energia elettrica Sistemi SCADA e profili criminali mayhem@alba.st 5
Worm “In August 2003 Slammer infected a private computer network at the idled Davis-Besse nuclear power plant in Oak Harbor, Ohio, disabling a safety monitoring system for nearly five hours.” Nist,Guide to SCADA Sistemi SCADA e profili criminali mayhem@alba.st 6
Disgruntled employee Vitek Boden, in 2000, was arrested, convicted and jailed because he released millions of liters of untreated sewage using his wireless laptop. It happened in Maroochy Shire, Queensland, may be as a revenge against his last former employer. http://www.theregister.co.uk/2001/10/31/hacker_jailed_for_revenge_sewage/ Sistemi SCADA e profili criminali mayhem@alba.st 7
Gazprom “Russian authorities revealed this week that Gazprom, a state-run gas utility, came under the control of malicious hackers last year. […]The report said hackers used a Trojan horse program, which stashes lines of harmful computer code in a benign- looking program.” http://findarticles.com/p/articles/mi_qa3739/is_200403/ai_n9360106 Sistemi SCADA e profili criminali mayhem@alba.st 8
Sabotaggio Thomas C. Reed, Ronald Regan’s Secretary, described in his book “At the abyss” how the U.S. arranged for the Soviets to receive intentionally flawed SCADA software to manage their natural gas pipelines. "The pipeline software that was to run the pumps, turbines, and values was programmed to go haywire, after a decent interval, to reset pump speeds and valve settings to produce pressures far beyond those acceptable to pipeline joints and welds." A 3 kiloton explosion was the result, in 1982 in Siberia. http://www.themoscowtimes.ru/stories/2004/03/18/014.html SCADA Security, Security Summit Milano – 11 Giugno 2009 Sistemi SCADA e profili criminali mayhem@alba.st R. Chiesa, F. Guasconi, A. Pennasilico, E. Tieghi 9
Incidenti recenti Texas: warning, zombies ahead Transportation officials in Texas are scrambling to prevent hackers from changing messages on digital road signs after one sign in Austin was altered to read, "Zombies Ahead." Chris Lippincott, director of media relations for the Texas Department of Transportation, confirmed that a portable traffic sign at Lamar Boulevard and West 15th Street, near the University of Texas at Austin, was hacked into during the early hours of January 19 2009. "It was clever, kind of cute, but not what it was intended for. Those signs are deployed for a reason — to improve traffic conditions, let folks know there's a road closure." Sistemi SCADA e profili criminali mayhem@alba.st 10
Injecting RDS-TMC Sistemi SCADA e profili criminali mayhem@alba.st 11
Previsioni Critical Infrastructure Prime Target For Cyber Criminals The report, "Cyber Threats and Trends" seeks to aid education efforts about cyber security threats facing networks, enterprises and end-users by highlighting important trends that emerged in previous years, and attempts to predict security trends and disruptors that may develop in next years with lasting consequences for businesses in the coming decade. http://www.secprodonline.com/articles/70136/ Sistemi SCADA e profili criminali mayhem@alba.st 12
Esempio di intrusione fonte INL (Idaho National Lab – DHS US Sistemi SCADA e profili criminali mayhem@alba.st 13
Il wireless arriva in fabbrica Smart Wireless Smart Control Systems Smart Analytical Smart Asset Optimization Smart Measurement Smart Final Control Smart Machinery Health Smart Safety 14
Stuxnet Come intendiamo bloccare le minacce? (pensiamo a quel che ha detto Dennis Bergstrom di Sonicwall prima di me) Sistemi SCADA e profili criminali mayhem@alba.st 15
Profili Sistemi SCADA e profili criminali mayhem@alba.st 16
Effetto delle leggi Sistemi SCADA e profili criminali mayhem@alba.st 17
Conclusioni
Conclusioni Tutte le infrastrutture sono a rischio Collaboratori distratti o infedeli Attaccanti casuali, attaccanti motivati, più o meno esperti Sistemi SCADA e profili criminali mayhem@alba.st 19
Conclusioni Gli strumenti tecnologici Le strategie organizzative Gli standard da seguire per prevenire e mitigare rischi ed attacchi esistono! Sistemi SCADA e profili criminali mayhem@alba.st 20
These slides are written by Alessio L.R. Pennasilico aka mayhem. They are subjected to Creative Commons Attribution- ShareAlike 2.5 version; you can copy, modify or sell them. “Please” cite your source and use the same licence :) Domande? Grazie per l’attenzione! Roma, 6 Aprile 2011 Alessio L.R. Pennasilico mayhem@alba.st twitter: mayhemspp FaceBook: alessio.pennasilico

Recommended

Odio le mie applicazioni web e chi le ha scritte
Odio le mie applicazioni web e chi le ha scritteOdio le mie applicazioni web e chi le ha scritte
Odio le mie applicazioni web e chi le ha scritteAlessio Pennasilico
 
All your bases belong to us
All your bases belong to usAll your bases belong to us
All your bases belong to usAlessio Pennasilico
 
Next Hope New York 2010: Bakeca.it DDoS case history
Next Hope New York 2010: Bakeca.it DDoS case historyNext Hope New York 2010: Bakeca.it DDoS case history
Next Hope New York 2010: Bakeca.it DDoS case historyAlessio Pennasilico
 
ESC 2010: Virtualizzazione (in)security
ESC 2010: Virtualizzazione (in)securityESC 2010: Virtualizzazione (in)security
ESC 2010: Virtualizzazione (in)securityAlessio Pennasilico
 
Rischi o vulnerabilità?
Rischi o vulnerabilità?Rischi o vulnerabilità?
Rischi o vulnerabilità?Alessio Pennasilico
 
Come il Cloud Computing può salvare l'analogico
Come il Cloud Computing può salvare l'analogicoCome il Cloud Computing può salvare l'analogico
Come il Cloud Computing può salvare l'analogicoAlessio Pennasilico
 
RSA vs Hacker
RSA vs HackerRSA vs Hacker
RSA vs HackerAlessio Pennasilico
 
Perchè il tuo tablet interessa ai criminali
Perchè il tuo tablet interessa ai criminaliPerchè il tuo tablet interessa ai criminali
Perchè il tuo tablet interessa ai criminaliAlessio Pennasilico
 

Recommended

Odio le mie applicazioni web e chi le ha scritte
Odio le mie applicazioni web e chi le ha scritteOdio le mie applicazioni web e chi le ha scritte
Odio le mie applicazioni web e chi le ha scritteAlessio Pennasilico
 
All your bases belong to us
All your bases belong to usAll your bases belong to us
All your bases belong to usAlessio Pennasilico
 
Next Hope New York 2010: Bakeca.it DDoS case history
Next Hope New York 2010: Bakeca.it DDoS case historyNext Hope New York 2010: Bakeca.it DDoS case history
Next Hope New York 2010: Bakeca.it DDoS case historyAlessio Pennasilico
 
ESC 2010: Virtualizzazione (in)security
ESC 2010: Virtualizzazione (in)securityESC 2010: Virtualizzazione (in)security
ESC 2010: Virtualizzazione (in)securityAlessio Pennasilico
 
Rischi o vulnerabilità?
Rischi o vulnerabilità?Rischi o vulnerabilità?
Rischi o vulnerabilità?Alessio Pennasilico
 
Come il Cloud Computing può salvare l'analogico
Come il Cloud Computing può salvare l'analogicoCome il Cloud Computing può salvare l'analogico
Come il Cloud Computing può salvare l'analogicoAlessio Pennasilico
 
RSA vs Hacker
RSA vs HackerRSA vs Hacker
RSA vs HackerAlessio Pennasilico
 
Perchè il tuo tablet interessa ai criminali
Perchè il tuo tablet interessa ai criminaliPerchè il tuo tablet interessa ai criminali
Perchè il tuo tablet interessa ai criminaliAlessio Pennasilico
 
Nozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company IntroductionNozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company IntroductionNozomi Networks
 
Cyber security colombo meetup
Cyber security colombo meetupCyber security colombo meetup
Cyber security colombo meetupEguardian Global Services
 
Modern technologies and cybersecurity
Modern technologies and cybersecurityModern technologies and cybersecurity
Modern technologies and cybersecurityVadimDavydov3
 
SCADA White Paper March2012
SCADA White Paper March2012SCADA White Paper March2012
SCADA White Paper March2012James Collinge, CISSP
 
ghostsinthemachine2
ghostsinthemachine2ghostsinthemachine2
ghostsinthemachine2Shane Kite
 
S C A D A Security Keynote C K
S C A D A Security Keynote C KS C A D A Security Keynote C K
S C A D A Security Keynote C KNarinrit Prem-apiwathanokul
 
[Bucharest] From SCADA to IoT Cyber Security
[Bucharest] From SCADA to IoT Cyber Security[Bucharest] From SCADA to IoT Cyber Security
[Bucharest] From SCADA to IoT Cyber SecurityOWASP EEE
 
Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18Nozomi Networks
 
Cybersecurity for Control Systems: Current State and Future Vision pt.1
Cybersecurity for Control Systems: Current State and Future Vision pt.1Cybersecurity for Control Systems: Current State and Future Vision pt.1
Cybersecurity for Control Systems: Current State and Future Vision pt.1EnergySec
 
Internet of Things Security - Trust in the supply chain
Internet of Things Security - Trust in the supply chainInternet of Things Security - Trust in the supply chain
Internet of Things Security - Trust in the supply chainDuncan Purves
 
Security In an IoT World
Security In an IoT WorldSecurity In an IoT World
Security In an IoT Worldsyrinxtech
 
Encryption Security in SCADA Networks
Encryption Security in SCADA NetworksEncryption Security in SCADA Networks
Encryption Security in SCADA NetworksIJRES Journal
 
Practical analysis of the cybersecurity of European smart grids
Practical analysis of the cybersecurity of European smart gridsPractical analysis of the cybersecurity of European smart grids
Practical analysis of the cybersecurity of European smart gridsSergey Gordeychik
 
Application of Machine Learning in Cyber Security
Application of Machine Learning in Cyber SecurityApplication of Machine Learning in Cyber Security
Application of Machine Learning in Cyber SecurityDr. Umesh Rao.Hodeghatta
 
Raoul Chiesa Hacking A Impianti Industriali
Raoul Chiesa Hacking A Impianti IndustrialiRaoul Chiesa Hacking A Impianti Industriali
Raoul Chiesa Hacking A Impianti IndustrialiGoWireless
 
AI & Cybersecurity meet 21stC GeoPolitics
AI & Cybersecurity meet 21stC GeoPoliticsAI & Cybersecurity meet 21stC GeoPolitics
AI & Cybersecurity meet 21stC GeoPoliticsDr David Probert
 
Critical Infrastructure Protection from Terrorist Attacks
Critical Infrastructure Protection from Terrorist AttacksCritical Infrastructure Protection from Terrorist Attacks
Critical Infrastructure Protection from Terrorist AttacksBGA Cyber Security
 
Utilization of Encryption for Security in SCADA Networks
Utilization of Encryption for Security in SCADA NetworksUtilization of Encryption for Security in SCADA Networks
Utilization of Encryption for Security in SCADA NetworksInternational Journal of Engineering Inventions www.ijeijournal.com
 
Greater China Cyber Threat Landscape - ISC 2016
Greater China Cyber Threat Landscape - ISC 2016Greater China Cyber Threat Landscape - ISC 2016
Greater China Cyber Threat Landscape - ISC 2016Sergey Gordeychik
 
BlackHat_2015_Slides_Krotofil_FINAL
BlackHat_2015_Slides_Krotofil_FINALBlackHat_2015_Slides_Krotofil_FINAL
BlackHat_2015_Slides_Krotofil_FINALMarina Krotofil
 
ICT Security 2010: Le minacce delle nuove tecnologie
ICT Security 2010: Le minacce delle nuove tecnologieICT Security 2010: Le minacce delle nuove tecnologie
ICT Security 2010: Le minacce delle nuove tecnologieAlessio Pennasilico
 
Linux Day 2010: Virtualizzare con OpenVZ
Linux Day 2010: Virtualizzare con OpenVZLinux Day 2010: Virtualizzare con OpenVZ
Linux Day 2010: Virtualizzare con OpenVZAlessio Pennasilico
 

More Related Content

Similar to SCADA Systems and Criminal Profiles

Nozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company IntroductionNozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company IntroductionNozomi Networks
 
Modern technologies and cybersecurity
Modern technologies and cybersecurityModern technologies and cybersecurity
Modern technologies and cybersecurityVadimDavydov3
 
ghostsinthemachine2
ghostsinthemachine2ghostsinthemachine2
ghostsinthemachine2Shane Kite
 
[Bucharest] From SCADA to IoT Cyber Security
[Bucharest] From SCADA to IoT Cyber Security[Bucharest] From SCADA to IoT Cyber Security
[Bucharest] From SCADA to IoT Cyber SecurityOWASP EEE
 
Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18Nozomi Networks
 
Cybersecurity for Control Systems: Current State and Future Vision pt.1
Cybersecurity for Control Systems: Current State and Future Vision pt.1Cybersecurity for Control Systems: Current State and Future Vision pt.1
Cybersecurity for Control Systems: Current State and Future Vision pt.1EnergySec
 
Internet of Things Security - Trust in the supply chain
Internet of Things Security - Trust in the supply chainInternet of Things Security - Trust in the supply chain
Internet of Things Security - Trust in the supply chainDuncan Purves
 
Security In an IoT World
Security In an IoT WorldSecurity In an IoT World
Security In an IoT Worldsyrinxtech
 
Encryption Security in SCADA Networks
Encryption Security in SCADA NetworksEncryption Security in SCADA Networks
Encryption Security in SCADA NetworksIJRES Journal
 
Practical analysis of the cybersecurity of European smart grids
Practical analysis of the cybersecurity of European smart gridsPractical analysis of the cybersecurity of European smart grids
Practical analysis of the cybersecurity of European smart gridsSergey Gordeychik
 
Application of Machine Learning in Cyber Security
Application of Machine Learning in Cyber SecurityApplication of Machine Learning in Cyber Security
Application of Machine Learning in Cyber SecurityDr. Umesh Rao.Hodeghatta
 
Raoul Chiesa Hacking A Impianti Industriali
Raoul Chiesa Hacking A Impianti IndustrialiRaoul Chiesa Hacking A Impianti Industriali
Raoul Chiesa Hacking A Impianti IndustrialiGoWireless
 
AI & Cybersecurity meet 21stC GeoPolitics
AI & Cybersecurity meet 21stC GeoPoliticsAI & Cybersecurity meet 21stC GeoPolitics
AI & Cybersecurity meet 21stC GeoPoliticsDr David Probert
 
Critical Infrastructure Protection from Terrorist Attacks
Critical Infrastructure Protection from Terrorist AttacksCritical Infrastructure Protection from Terrorist Attacks
Critical Infrastructure Protection from Terrorist AttacksBGA Cyber Security
 
Greater China Cyber Threat Landscape - ISC 2016
Greater China Cyber Threat Landscape - ISC 2016Greater China Cyber Threat Landscape - ISC 2016
Greater China Cyber Threat Landscape - ISC 2016Sergey Gordeychik
 
BlackHat_2015_Slides_Krotofil_FINAL
BlackHat_2015_Slides_Krotofil_FINALBlackHat_2015_Slides_Krotofil_FINAL
BlackHat_2015_Slides_Krotofil_FINALMarina Krotofil
 

Similar to SCADA Systems and Criminal Profiles (20)

Nozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company IntroductionNozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company Introduction
 
Cyber security colombo meetup
Cyber security colombo meetupCyber security colombo meetup
Cyber security colombo meetup
 
Modern technologies and cybersecurity
Modern technologies and cybersecurityModern technologies and cybersecurity
Modern technologies and cybersecurity
 
SCADA White Paper March2012
SCADA White Paper March2012SCADA White Paper March2012
SCADA White Paper March2012
 
ghostsinthemachine2
ghostsinthemachine2ghostsinthemachine2
ghostsinthemachine2
 
S C A D A Security Keynote C K
S C A D A Security Keynote C KS C A D A Security Keynote C K
S C A D A Security Keynote C K
 
[Bucharest] From SCADA to IoT Cyber Security
[Bucharest] From SCADA to IoT Cyber Security[Bucharest] From SCADA to IoT Cyber Security
[Bucharest] From SCADA to IoT Cyber Security
 
Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18
 
Cybersecurity for Control Systems: Current State and Future Vision pt.1
Cybersecurity for Control Systems: Current State and Future Vision pt.1Cybersecurity for Control Systems: Current State and Future Vision pt.1
Cybersecurity for Control Systems: Current State and Future Vision pt.1
 
Internet of Things Security - Trust in the supply chain
Internet of Things Security - Trust in the supply chainInternet of Things Security - Trust in the supply chain
Internet of Things Security - Trust in the supply chain
 
Security In an IoT World
Security In an IoT WorldSecurity In an IoT World
Security In an IoT World
 
Encryption Security in SCADA Networks
Encryption Security in SCADA NetworksEncryption Security in SCADA Networks
Encryption Security in SCADA Networks
 
Practical analysis of the cybersecurity of European smart grids
Practical analysis of the cybersecurity of European smart gridsPractical analysis of the cybersecurity of European smart grids
Practical analysis of the cybersecurity of European smart grids
 
Application of Machine Learning in Cyber Security
Application of Machine Learning in Cyber SecurityApplication of Machine Learning in Cyber Security
Application of Machine Learning in Cyber Security
 
Raoul Chiesa Hacking A Impianti Industriali
Raoul Chiesa Hacking A Impianti IndustrialiRaoul Chiesa Hacking A Impianti Industriali
Raoul Chiesa Hacking A Impianti Industriali
 
AI & Cybersecurity meet 21stC GeoPolitics
AI & Cybersecurity meet 21stC GeoPoliticsAI & Cybersecurity meet 21stC GeoPolitics
AI & Cybersecurity meet 21stC GeoPolitics
 
Critical Infrastructure Protection from Terrorist Attacks
Critical Infrastructure Protection from Terrorist AttacksCritical Infrastructure Protection from Terrorist Attacks
Critical Infrastructure Protection from Terrorist Attacks
 
Utilization of Encryption for Security in SCADA Networks
Utilization of Encryption for Security in SCADA NetworksUtilization of Encryption for Security in SCADA Networks
Utilization of Encryption for Security in SCADA Networks
 
Greater China Cyber Threat Landscape - ISC 2016
Greater China Cyber Threat Landscape - ISC 2016Greater China Cyber Threat Landscape - ISC 2016
Greater China Cyber Threat Landscape - ISC 2016
 
BlackHat_2015_Slides_Krotofil_FINAL
BlackHat_2015_Slides_Krotofil_FINALBlackHat_2015_Slides_Krotofil_FINAL
BlackHat_2015_Slides_Krotofil_FINAL
 

More from Alessio Pennasilico

ICT Security 2010: Le minacce delle nuove tecnologie
ICT Security 2010: Le minacce delle nuove tecnologieICT Security 2010: Le minacce delle nuove tecnologie
ICT Security 2010: Le minacce delle nuove tecnologieAlessio Pennasilico
 
Linux Day 2010: Virtualizzare con OpenVZ
Linux Day 2010: Virtualizzare con OpenVZLinux Day 2010: Virtualizzare con OpenVZ
Linux Day 2010: Virtualizzare con OpenVZAlessio Pennasilico
 
Linux Day 2010: Mi hanno installato Linux... ed ora?
Linux Day 2010: Mi hanno installato Linux... ed ora?Linux Day 2010: Mi hanno installato Linux... ed ora?
Linux Day 2010: Mi hanno installato Linux... ed ora?Alessio Pennasilico
 
Smau 2010 Milano: Seminario AIPSI Business Continuity e Disaster Recovery
Smau 2010 Milano: Seminario AIPSI Business Continuity e Disaster RecoverySmau 2010 Milano: Seminario AIPSI Business Continuity e Disaster Recovery
Smau 2010 Milano: Seminario AIPSI Business Continuity e Disaster RecoveryAlessio Pennasilico
 
Smau 2010 Milano: Seminario AIPSI Sicurezza del VoIP
Smau 2010 Milano: Seminario AIPSI Sicurezza del VoIPSmau 2010 Milano: Seminario AIPSI Sicurezza del VoIP
Smau 2010 Milano: Seminario AIPSI Sicurezza del VoIPAlessio Pennasilico
 
Smau 2010 Milano: Seminario Clusit per Intel sulla security
Smau 2010 Milano: Seminario Clusit per Intel sulla securitySmau 2010 Milano: Seminario Clusit per Intel sulla security
Smau 2010 Milano: Seminario Clusit per Intel sulla securityAlessio Pennasilico
 
Linux Day 2010: Linux Security Demystified
Linux Day 2010: Linux Security DemystifiedLinux Day 2010: Linux Security Demystified
Linux Day 2010: Linux Security DemystifiedAlessio Pennasilico
 
Smau 2010 MIlano: Seminario AIPSI Virtualizzazione Sicura
Smau 2010 MIlano: Seminario AIPSI Virtualizzazione SicuraSmau 2010 MIlano: Seminario AIPSI Virtualizzazione Sicura
Smau 2010 MIlano: Seminario AIPSI Virtualizzazione SicuraAlessio Pennasilico
 
e-mail Power: 2010: servono ancora le
e-mail Power: 2010: servono ancora le e-mail Power: 2010: servono ancora le
e-mail Power: 2010: servono ancora le Alessio Pennasilico
 
Porte aperte alla tecnologia: Creare una strategia di Disaster Recovery
Porte aperte alla tecnologia: Creare una strategia di Disaster RecoveryPorte aperte alla tecnologia: Creare una strategia di Disaster Recovery
Porte aperte alla tecnologia: Creare una strategia di Disaster RecoveryAlessio Pennasilico
 
Seminario Clusit Security Summit 2010: Minacce per la virtualizzazione
Seminario Clusit Security Summit 2010: Minacce per la virtualizzazioneSeminario Clusit Security Summit 2010: Minacce per la virtualizzazione
Seminario Clusit Security Summit 2010: Minacce per la virtualizzazioneAlessio Pennasilico
 

More from Alessio Pennasilico (15)

ICT Security 2010: Le minacce delle nuove tecnologie
ICT Security 2010: Le minacce delle nuove tecnologieICT Security 2010: Le minacce delle nuove tecnologie
ICT Security 2010: Le minacce delle nuove tecnologie
 
Linux Day 2010: Virtualizzare con OpenVZ
Linux Day 2010: Virtualizzare con OpenVZLinux Day 2010: Virtualizzare con OpenVZ
Linux Day 2010: Virtualizzare con OpenVZ
 
Linux Day 2010: Mi hanno installato Linux... ed ora?
Linux Day 2010: Mi hanno installato Linux... ed ora?Linux Day 2010: Mi hanno installato Linux... ed ora?
Linux Day 2010: Mi hanno installato Linux... ed ora?
 
Smau 2010 Milano: Seminario AIPSI Business Continuity e Disaster Recovery
Smau 2010 Milano: Seminario AIPSI Business Continuity e Disaster RecoverySmau 2010 Milano: Seminario AIPSI Business Continuity e Disaster Recovery
Smau 2010 Milano: Seminario AIPSI Business Continuity e Disaster Recovery
 
Smau 2010 Milano: Seminario AIPSI Sicurezza del VoIP
Smau 2010 Milano: Seminario AIPSI Sicurezza del VoIPSmau 2010 Milano: Seminario AIPSI Sicurezza del VoIP
Smau 2010 Milano: Seminario AIPSI Sicurezza del VoIP
 
Smau 2010 Milano: Seminario Clusit per Intel sulla security
Smau 2010 Milano: Seminario Clusit per Intel sulla securitySmau 2010 Milano: Seminario Clusit per Intel sulla security
Smau 2010 Milano: Seminario Clusit per Intel sulla security
 
Linux Day 2010: Linux Security Demystified
Linux Day 2010: Linux Security DemystifiedLinux Day 2010: Linux Security Demystified
Linux Day 2010: Linux Security Demystified
 
Smau 2010 MIlano: Seminario AIPSI Virtualizzazione Sicura
Smau 2010 MIlano: Seminario AIPSI Virtualizzazione SicuraSmau 2010 MIlano: Seminario AIPSI Virtualizzazione Sicura
Smau 2010 MIlano: Seminario AIPSI Virtualizzazione Sicura
 
e-mail Power: 2010: servono ancora le
e-mail Power: 2010: servono ancora le e-mail Power: 2010: servono ancora le
e-mail Power: 2010: servono ancora le
 
OpenOffice
OpenOfficeOpenOffice
OpenOffice
 
Vpn Mobility VoIP
Vpn Mobility VoIPVpn Mobility VoIP
Vpn Mobility VoIP
 
Porte aperte alla tecnologia: Creare una strategia di Disaster Recovery
Porte aperte alla tecnologia: Creare una strategia di Disaster RecoveryPorte aperte alla tecnologia: Creare una strategia di Disaster Recovery
Porte aperte alla tecnologia: Creare una strategia di Disaster Recovery
 
Paranoia is a virtue
Paranoia is a virtueParanoia is a virtue
Paranoia is a virtue
 
Seminario Clusit Security Summit 2010: Minacce per la virtualizzazione
Seminario Clusit Security Summit 2010: Minacce per la virtualizzazioneSeminario Clusit Security Summit 2010: Minacce per la virtualizzazione
Seminario Clusit Security Summit 2010: Minacce per la virtualizzazione
 
Internet (in)sicuro
Internet (in)sicuroInternet (in)sicuro
Internet (in)sicuro
 

Recently uploaded

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 

Recently uploaded (20)

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 

SCADA Systems and Criminal Profiles

  • 1. Sistemi SCADA e profili criminali di cosa ci dobbiamo preoccupare? Roma, 6 Aprile 2011 Alessio L.R. Pennasilico mayhem@alba.st twitter: mayhemspp FaceBook: alessio.pennasilico
  • 2. $ whois mayhem Security Evangelist @ Board of Directors: CLUSIT, Associazione Informatici Professionisti (AIP/OPSI), Associazione Italiana Professionisti Sicurezza Informatica (AIPSI), Italian Linux Society (ILS), OpenBSD Italian User Group, Hacker’s Profiling Project Sistemi SCADA e profili criminali mayhem@alba.st 2
  • 3. Infrastrutture critiche I sistemi SCADA possono gestire automazione industriale centrali elettriche fornitura di gas o acqua comunicazioni trasporti Sistemi SCADA e profili criminali mayhem@alba.st 3
  • 4. Di chi mi devo preoccupare?
  • 5. Blockbuster “Il sistema di gestione della centrale elettrica non rispondeva. L’operatore stava guardando un DVD sul computer di gestione” CSO di una utility di distribuzione energia elettrica Sistemi SCADA e profili criminali mayhem@alba.st 5
  • 6. Worm “In August 2003 Slammer infected a private computer network at the idled Davis-Besse nuclear power plant in Oak Harbor, Ohio, disabling a safety monitoring system for nearly five hours.” Nist,Guide to SCADA Sistemi SCADA e profili criminali mayhem@alba.st 6
  • 7. Disgruntled employee Vitek Boden, in 2000, was arrested, convicted and jailed because he released millions of liters of untreated sewage using his wireless laptop. It happened in Maroochy Shire, Queensland, may be as a revenge against his last former employer. http://www.theregister.co.uk/2001/10/31/hacker_jailed_for_revenge_sewage/ Sistemi SCADA e profili criminali mayhem@alba.st 7
  • 8. Gazprom “Russian authorities revealed this week that Gazprom, a state-run gas utility, came under the control of malicious hackers last year. […]The report said hackers used a Trojan horse program, which stashes lines of harmful computer code in a benign- looking program.” http://findarticles.com/p/articles/mi_qa3739/is_200403/ai_n9360106 Sistemi SCADA e profili criminali mayhem@alba.st 8
  • 9. Sabotaggio Thomas C. Reed, Ronald Regan’s Secretary, described in his book “At the abyss” how the U.S. arranged for the Soviets to receive intentionally flawed SCADA software to manage their natural gas pipelines. "The pipeline software that was to run the pumps, turbines, and values was programmed to go haywire, after a decent interval, to reset pump speeds and valve settings to produce pressures far beyond those acceptable to pipeline joints and welds." A 3 kiloton explosion was the result, in 1982 in Siberia. http://www.themoscowtimes.ru/stories/2004/03/18/014.html SCADA Security, Security Summit Milano – 11 Giugno 2009 Sistemi SCADA e profili criminali mayhem@alba.st R. Chiesa, F. Guasconi, A. Pennasilico, E. Tieghi 9
  • 10. Incidenti recenti Texas: warning, zombies ahead Transportation officials in Texas are scrambling to prevent hackers from changing messages on digital road signs after one sign in Austin was altered to read, "Zombies Ahead." Chris Lippincott, director of media relations for the Texas Department of Transportation, confirmed that a portable traffic sign at Lamar Boulevard and West 15th Street, near the University of Texas at Austin, was hacked into during the early hours of January 19 2009. "It was clever, kind of cute, but not what it was intended for. Those signs are deployed for a reason — to improve traffic conditions, let folks know there's a road closure." Sistemi SCADA e profili criminali mayhem@alba.st 10
  • 11. Injecting RDS-TMC Sistemi SCADA e profili criminali mayhem@alba.st 11
  • 12. Previsioni Critical Infrastructure Prime Target For Cyber Criminals The report, "Cyber Threats and Trends" seeks to aid education efforts about cyber security threats facing networks, enterprises and end-users by highlighting important trends that emerged in previous years, and attempts to predict security trends and disruptors that may develop in next years with lasting consequences for businesses in the coming decade. http://www.secprodonline.com/articles/70136/ Sistemi SCADA e profili criminali mayhem@alba.st 12
  • 13. Esempio di intrusione fonte INL (Idaho National Lab – DHS US Sistemi SCADA e profili criminali mayhem@alba.st 13
  • 14. Il wireless arriva in fabbrica Smart Wireless Smart Control Systems Smart Analytical Smart Asset Optimization Smart Measurement Smart Final Control Smart Machinery Health Smart Safety 14
  • 15. Stuxnet Come intendiamo bloccare le minacce? (pensiamo a quel che ha detto Dennis Bergstrom di Sonicwall prima di me) Sistemi SCADA e profili criminali mayhem@alba.st 15
  • 16. Profili Sistemi SCADA e profili criminali mayhem@alba.st 16
  • 17. Effetto delle leggi Sistemi SCADA e profili criminali mayhem@alba.st 17
  • 19. Conclusioni Tutte le infrastrutture sono a rischio Collaboratori distratti o infedeli Attaccanti casuali, attaccanti motivati, più o meno esperti Sistemi SCADA e profili criminali mayhem@alba.st 19
  • 20. Conclusioni Gli strumenti tecnologici Le strategie organizzative Gli standard da seguire per prevenire e mitigare rischi ed attacchi esistono! Sistemi SCADA e profili criminali mayhem@alba.st 20
  • 21. These slides are written by Alessio L.R. Pennasilico aka mayhem. They are subjected to Creative Commons Attribution- ShareAlike 2.5 version; you can copy, modify or sell them. “Please” cite your source and use the same licence :) Domande? Grazie per l’attenzione! Roma, 6 Aprile 2011 Alessio L.R. Pennasilico mayhem@alba.st twitter: mayhemspp FaceBook: alessio.pennasilico