Smart grids add communication capabilities and intelligence to traditional grids. They are enabled by intelligent sensors and actuators, extended data management systems, expanded two-way communication between utility operation facilities and customers, network security, national integration, and self-healing and adaptive operation. Together these improve distribution and transmission system operation, allow customers the freedom to purchase power based on dynamic pricing, improve power quality with less wastage, and integrate a large variety of generation options.
The more complex and critical an infrastructure becomes, the more vulnerable it is. Since 1994 there have been many incidents in which smart grids were hacked; the latest and most widely discussed was the Stuxnet worm, which targeted the nuclear power system of Iran and systems worldwide. We will look at the different types of attacks and at the security needed for the smart grid.
Smart Grid Systems Based Survey on Cyber Security Issues (journalBEEI)
The future power system will be an innovative administration of existing power grids, which is called the smart grid. Above all, the application of advanced communication and computing tools is going to significantly improve the productivity and consistency of smart grid systems with renewable energy resources. Together with the topographies of the smart grid, cyber security appears as a serious concern since a huge number of automatic devices are linked through communication networks. Cyber attacks on those devices have a direct influence on the reliability of the extensive infrastructure of the power system. In this survey, several published works related to smart grid system vulnerabilities, potential intentional attacks, and suggested countermeasures for these threats have been investigated.
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe... (Leonardo ENERGY)
This Cybersecurity webinar addresses issues of importance to executive, technical, and academic professionals involved with managing and protecting Electric Utilities and Smart Grids. Cyber threats and vulnerabilities, including cyber attacks, will be addressed; as well as Smart Grid trends, and privacy and data integrity issues. United States, European, and International organizations and initiatives to address cybersecurity for utilities will be discussed. The webinar will conclude with strategies to improve cybersecurity. A second cybersecurity webinar (programmed in September 2017) will address best practices, case studies, and legal and regulatory constraints for architecting smart grids in a secure way.
Cybersecurity for Smart Grids: Technical Approaches to Provide Cybersecurity (Leonardo ENERGY)
This Cybersecurity webinar, the second in a series, addresses issues of importance to executive, technical, and academic professionals involved with managing and protecting Electric Utilities and Smart Grids worldwide. Technology and market challenges will be addressed, followed by cybersecurity approaches (including those used in Europe and US) and best practices. Three case studies, and legal and regulatory constraints, for architecting smart grids in a secure way also will be presented.
Smart Grid security expert and former hacker Emil Gurevitch explains how hackers can get to your Smart Grid, and how utilities can detect and respond to Smart Metering cyber-attacks.
This presentation gives an introduction to smart grid security and reviews the most important related guidelines, such as NISTIR 7628 and IEEE 2030. In the final section, it reviews the US cyber security program for the energy sector as a case study.
Overview of smart grid projects in Brazil and how security requirements have been considered in R&D projects. Results from a smart metering security assessment project are presented.
Cybersecurity Considerations for Power Substation SCADA Systems Using IEC 618... (Power System Operation)
Because of recent cyber-attacks and threats against power utilities, cybersecurity continues to increase in importance and be on the minds of substation design engineers.
One major concern for power distribution utilities is “ensuring that all communication protocols performing control functions and data acquisition for substations are properly secured. With IEC-61850 being one of the most widely used communications protocols by utilities today, particularly in distribution automation (DA),” the need for greater security in communication protocols increases. [1]
IEC-61850 is also becoming the preferred standard for substation design and operations due to the common framework and object-oriented design for point names as well as the increased performance and lower lifecycle cost of SCADA systems utilizing the methodology and protocols. This paper will discuss major vulnerabilities and cybersecurity considerations that require proper analysis when designing and implementing a secure IEC-61850 standard-based SCADA system within a power substation. However, this paper will not discuss implementation methods or provide implementation concepts.
Are your industrial networks protected... Ethernet Security Firewalls (Schneider Electric)
Security incidents rise at an alarming rate each year. As the complexity of the threats increases, so do the security measures required to protect industrial networks. Plant operations personnel need to understand security basics as plant processes integrate with outside networks. This paper reviews network security fundamentals, with an emphasis on firewalls specific to industry applications. The variety of firewalls is defined, explained, and compared.
The electric power grid has changed significantly over the past decade and continues to change as technology evolves. More and more, new-generation substation control systems are based on open standards and commercial technology, including Ethernet and TCP/IP based communication protocols such as IEC 60870-5-104, DNP 3.0 or IEC 61850. While this change in technology has brought about huge operational benefits, it has introduced cyber security concerns and a potential challenge to network reliability. Electronic intrusion into a substation can misdirect or terminate service, and this intrusion can be from internal individuals or external hackers or organizations.
Many substation control and diagnostic systems in deployment were not designed for real-time security functionality and centralized system administration with robust access control. Utilities must implement policies to protect their substation systems against intrusion from within and from outside the corporate network. Further, they must be able to detect intrusion when it does occur to eliminate future untoward effects. Finally, they need to be prepared with planned response and restoration that not only returns targeted functionality but can improve system security.
The global power industry has stepped up its focus on cyber security for control and automation systems, and standards are in place identifying the functionality required for secure substation operation. Utilities looking to protect against cyber attacks on their substation automation systems must implement SCADA, RTU and IED solutions that incorporate proven technology and the security mechanisms meeting these standards.
The efficacy and challenges of SCADA and smart grid integration (Faizal Faizi)
• To initiate two-way communication between the load centers and the substation so they can monitor electricity distribution in real time
• To detect faults at their onset so that resultant blackouts can be prevented
• To regulate the energy consumption of utilities based on energy availability
Third Party Security Testing for Advanced Metering Infrastructure Program (EnergySec)
In July 2010, BC Hydro, the electric utility and grid operator of British Columbia, began implementation of its AMI program, formally known as the Smart Meter & Infrastructure (SMI) program. The SMI program transformed BC Hydro from a traditional metering utility to a smart metering utility by implementing smart meters at the customer service points. It was the first step in the smart grid transformation.
The SMI program required the introduction of many new devices and applications into BC Hydro’s infrastructure. Some of these had never been deployed before anywhere in the world. Many were field deployed, outside of BC Hydro’s physical security perimeter.
The SMI Security Delivery Team was formed to deliver on these commitments and to take responsibility for the end to end security of the SMI program. The Team implemented a multi-pronged approach to securing SMI including security risk assessments, security penetration testing by the team, design reviews, whole project risk assessments and third party security penetration testing.
A standards based approach was required to ground the test plan both in best practice and in a common set of principles that BC Hydro and its vendors could accept. The Advanced Metering Infrastructure (AMI) Risk Assessment document prepared by the Advanced Metering Infrastructure Security (AMI-SEC) Task Force was used as a basis for the test plan. This document has since been passed to the National Institute of Standards and Technology (NIST) Cyber Security Working Group and was integrated into NIST IR 7628. NIST IR 7628 contains a comprehensive list of possible threats to AMI systems.
The program was highly successful. Test results informed BC Hydro’s deployment decisions and allowed the manufacturers to improve their products. Lessons were learned about how best to conduct third party security testing. A full lessons learned section is included in the presentation.
Industrial Control System Cyber Security and the Employment of Industrial Fir... (Schneider Electric)
This presentation provides an overview of industrial control systems and typical system topologies, identifies typical threats and vulnerabilities to these systems, and provides recommended security countermeasures to mitigate the risks.
A business-level review of current security standards for the energy and utility school, a look around the corner at what's coming next from the standards bodies, and a discussion of the burdens this amount of change and uncertainty is placing on executives and security professionals in the electric utilities.
CPM Braxis Capgemini is the only Cisco Connected Grid authorized partner in Brazil, helping utilities address their challenges in the Smart Grid infrastructure environment.
Robust Cyber Security for Power Utilities (Nir Cohen)
The security of critical networks is at the center of attention of industry and government regulators alike. Check Point and RAD offer a joint end-to-end cyber security solution that protects any utility operational technology (OT) network by eliminating RTU and SCADA equipment vulnerabilities, as well as defends against cyber-attacks on the network’s control and data planes. This solution brief explains how the joint solution enables compliance with NERC-CIP directives, provides deep visibility and control of ICS/SCADA communications, and allows secure remote access into OT networks.
ZigBee technology provides unique features for the deployment of RTLS systems in certain segments and markets. The added possibility of managing all kinds of sensors (temperature, humidity, presence and movement, dangerous gases, electricity consumption, ...) and actuators (air conditioning, valves, opening and locking of doors and windows, alarms, control of lights and appliances, ...) makes it possible to provide a complete solution under a single, robust technology.
This document briefly describes what ZigBee is, its main characteristics and its implementation as an RTLS system. It includes a description of specific use cases for hotels, supermarkets, healthcare, police, security and vigilance, industry and mining.
In particular, it describes the n-Core® platform, based on ZigBee technology, which supplies a complete development and production environment for both automation services and location (RTLS) services.
As always, any comment will be welcome. If you wish to learn more about the n-Core® platform please contact me or send me an email.
Top 10 Reasons Enterprises Prefer Juniper Wireless (Juniper Networks)
Juniper's WLAN solution meets the mobility needs of today's enterprises by delivering the highest levels of reliability, scalability, management and security. Click to learn more about Juniper Networks: http://juni.pr/CBlpSS
Summarising Snowden and Snowden as internal threat (ClubHack)
A quick look back at Snowden's revelations and also a look at Snowden as an insider threat.
*This presentation ends abruptly because the talk ended as food for thought and a kick-start for the next session.*
Fatcat Automatic Web SQL Injector by Sandeep Kamble (ClubHack)
What is the FatCat SQL injector? FatCat is an automatic SQL injection tool.
FatCat purpose: for testing your web application and exploiting it in more depth.
FatCat support:
1) MySQL 5.0
FatCat features:
Union-based SQL injection
Error-based SQL injection
ModSecurity (WAF) bypass
The Difference Between the Reality and Feeling of Security by Thomas Kurian (ClubHack)
The paper shall focus on the following:
1) Introduction to the problem: Focus on “security awareness”, not “behavior”
2) Real life case study of why a US$100, 000 “security awareness” project failed
a. Identifying the human component in information security risks
b. Addressing the human component using “awareness” and “behavior” strategies
4) Sample real-life case studies where quantifiable change has been observed
Original research and Publications
The talk is modeled on the methodology HIMIS (Human Impact Management for Information Security) authored by Anup Narayanan and published under “Creative Commons,
Stand Close to Me & You're pwned! Owning Smart Phones using NFC by Aditya Gup... (ClubHack)
NFC, or Near Field Communication, allows cell phones to perform specified actions whenever they detect NFC tags or signals from another NFC-enabled device. Most recent phones, including the Samsung Galaxy S3, Nokia Lumia 610 and Blackberry Bold, have NFC enabled. NFC even helps enterprises and payment gateways simplify user actions, such as connecting to a Wi-Fi network, setting a bookmark, or making payments.
Gone are the days of sending Android malware links through URLs or attachments. In this talk, we will be showing how an attacker could steal private and sensitive information from one’s phone and even perform malicious actions on the user’s phone, using NFC as an attack vector. NFC attack vectors come in two forms: active (setting the attacker’s phone as a proxy between the victim’s smartphone and the payment terminal) and passive (using NFC tags). For our demonstrations, we would be creating malicious NFC tags which, when detected by any NFC-enabled smartphone, would steal sensitive information from the phone (without the user's knowledge) as well as trick the user into installing malicious applications on the phone. Thereafter, we would also be talking about how an attacker could get in close proximity to another NFC-enabled phone, get a remote shell on the victim’s phone and compromise the phone’s security. We would also be discussing how viral an NFC attack could go in the future if proper security measures are not enforced.
Legal Nuances to the Cloud by Ritambhara Agrawal (ClubHack)
This presentation highlights the key legal risks and their implications in cloud computing. The cloud is inherently multi-jurisdictional, encompassing remote hosting and processing of data. This gives rise to multiple legal issues, including security and privacy of the data, IP rights, data portability, contractual limitations, risk mitigation and jurisdictional disputes.
As the cloud involves remote hosting and data accessibility by multiple parties, security and privacy remains the biggest concern for the companies. Businesses should look at issues ranging from physical location of the data centers, protection of the data against any adversity and intrusion, and access rights management.
Cloud servers are often located in different countries, which results in trans-border data flow. Each country has its own set of legal rules and regulations regarding data protection and privacy, and this can bring complications in the form of conflicting laws and jurisdictional disputes. Issues pertaining to IP rights, trade secrets and ownership of the data placed in the cloud require utmost attention. Termination and exit clauses are critical to contracts in the cloud. Interoperability of the data in the event of termination of a vendor's services is an important aspect to be considered in the contracts.
Infrastructure Security by Sivamurthy Hiremath (ClubHack)
With the development of technology, the interdependence of various infrastructures has increased, which also enhanced their vulnerabilities. The National Information Infrastructure security concerns the nation’s stability and economic security. So far, the research in Internet security primarily focused on securing the information rather than securing the infrastructure itself.
Given the pervasive and ubiquitous nature of the Internet, coupled with growing concerns about cyber attacks, immediate solutions for securing the Internet infrastructure are needed. Given the prevailing threat situation, there is a compelling need to develop hardware redesign architectures, algorithms, and protocols to realize a dependable Internet infrastructure. In order to achieve this goal, the first and foremost step is to develop a comprehensive understanding of the security threats and existing solutions. This work attempts to fulfil this important step by classifying security attacks into four main categories: DNS hacking, routing table poisoning, packet mistreatment, and denial-of-service attacks. We discuss the existing infrastructure solutions for each of these categories, and also outline a methodology for developing a secured nation.
Hybrid Analyzer for Web Application Security (HAWAS) by Lavakumar Kuppan (ClubHack)
Today there is a flood of tools to help with the automation of active scanning and exploitation of web applications. Once you move beyond these two functions the flood reduces to a trickle. Vulnerability hunting is a fine art that requires a knack for seeing hidden patterns and connections. Tests like hidden parameter guessing are seldom performed by even skilled testers because of the time and effort involved in preparing for and performing them. When was the last time you identified a piece of sensitive data hidden in plain sight because it was hex encoded into a very inconsequential-looking string?
Do you enumerate all possible avenues for stored XSS in an application? A lot of times checks are missed because there is no good tooling available to perform them effectively and efficiently. HAWAS is the tool you have been missing for a long time now. It is an open source tool designed for hybrid analysis. It performs automated passive analysis of a web application with no input from the user in some cases and with application-specific input in others. Based on the initial set of findings the user can perform further checks from within HAWAS. HAWAS will help you hugely increase your test coverage with very little additional effort.
Hacking and Securing iOS Applications by Satish Bomisstty (ClubHack)
iOS applications share a common set of classes and depend heavily on the operating system's solutions for data communication, storage and encryption. Relying solely on Apple's implementation makes them less complex, but it affects the security of the applications. Though iOS comes with a great set of security features like code signing, ASLR, DEP, sandboxing and Data Protection, all of them are subject to attack. Relying only on iOS security can lead to the loss of the sensitive data stored within the application when iOS is compromised. Application security can be improved by understanding the weaknesses in the current implementation and incorporating custom code that works better.
The presentation illustrates several types of iOS application attacks like run time manipulation, custom code injection, SSL session hijacking and forensic data leakage. It gives an insight into the iOS Keychain & data protection API and explains the techniques to circumvent it. The presentation will provide guidelines and suggests best practices for secure iOS application development.
Critical Infrastructure Security by Subodh Belgi (ClubHack)
Industrial Automation & Control Systems are an integral part of various manufacturing & process industries as well as national critical infrastructure. Concerns regarding cyber-security of control systems are related to both the legacy nature of some of the systems as well as the growing trend to connect industrial control systems to corporate networks. These concerns have led to a number of identified vulnerabilities and have introduced new categories of threats that have not been seen before in the industrial control systems domain. Many of the legacy systems may not have appropriate security capabilities that can defend against modern day threats, and the requirements for availability and performance can preclude using contemporary cyber-security solutions. To address cyber-security issues for industrial control systems, a clear understanding of the security challenges and specific defensive countermeasures is required. The session will highlight some of the latest cyber security risks faced by industrial automation and control systems along with essential security controls & countermeasures.
Content Type Attack Dark Hole in the Secure Environment by Raman Gupta (ClubHack)
With the increase in security awareness it is very difficult to compromise a network or workstation, as most network administrators set a very restrictive firewall policy for incoming network traffic, i.e. allowing only traffic for the HTTP/HTTPS service, and antivirus software can easily detect any virus- or worm-infected file. This talk is about content type attacks, which cannot be blocked at the network perimeter/firewall and are undetectable by antivirus. The discussion also includes a demonstration of the attack vector used to compromise the system. Finally, it includes an analysis of the malicious file used to compromise the system.
Abstract of the paper: Cross-site scripting (XSS) attacks are considered one of the most dangerous attacks. When an application accepts unvalidated user input and sends it back to the browser without validation, it provides attackers with an opportunity to execute malicious scripts in victim users’ browsers. By using this attack vector, malicious users can hijack user accounts, deface websites, carry out phishing attacks, etc. XSS Shell is a cross-domain tool to carry out XSS attacks in a more controlled manner. It is used to set up a channel between the attacker and the victim’s browser and to control the victim’s browser.
It gives me immense pleasure to tell you that from 06-02-10 to 06-02-12 our magazine has completed two successful and rejoicing years. We at ClubHack are super excited! I hope you people are enjoying the magazine and would continue doing so in the coming future too. We enjoy making this for you all. It is said that "A lot can happen over a cup of coffee". We experienced this amazing moment over a cup of coffee when we had the idea of starting a hacking magazine, and now it has come all this way… :). 2 years looks small when we look back. For this incredible success we at ClubHack would like to thank all our readers, volunteers and authors for giving us such unbelievable support. As we want to keep up the growth and progress, we request you all to keep throwing in articles, suggestions, support and your love!
Coming to this issue we have Network Security in Tool Gyan, which will put light on how to set up a secured network; Who Wants to be a Millionaire in Tool Gyan, check out for yourself what exactly it's all about ;) and TOR in Mom's Guide for all those who thought 'It sounds very complicated to use, I'm not a hacker! I can't use it!' by our author Federico from Italy.
From this month’s issue we plan to start a new section on secure coding. This section will essentially focus on good coding practices and snippets to mitigate various vulnerabilities. To begin with we have an article on PHP based RFI/LFI vulnerability. I hope you will like reading it. We also have some cool articles on XSS attacks, ROT decoding and Matriux section.
Do send us your feedback on abhijeet@chmag.in this will help us improve further.
We are now in the middle of 2012. As predicted by many techno geeks, this year is phenomenal for IT related technologies including security, networking and web technologies. In April a cloud war started between two big rivals, Microsoft & Google, both making sure that it's going to be secure and useful for smart phone users as well. With the introduction of such new technologies we must ensure security over the web. Here HTTPS comes into the picture and we brought this topic in CHMag's Mom's Guide. Along with it topics like Steganography (Tech Gyan), a new toolkit - Kautilya (Tool Gyan), and preventing SQL injections (Code Gyan) are covered.
If you have a good write-up on a topic that you think people should know about then please share it with CHMag. Also if you have suggestions, feedback & articles, send them to info@chmag.in. Keep reading!!
There was a time when mobile phones were the size of a shoe and had no features other than calling and SMS, and at that time I used to play the game Snake on my dad's phone :p Now as time has passed we have reached the age of smart phones which are capable of doing lots of stuff, and the world wide web of applications is causing serious concern where an attacker can use this platform to steal data. This issue of CHMag is dedicated to Mobile/Telecom Hacking and Security.
The coverpage of this December issue was released at ClubHack 2011, India’s Pioneer International Hacking Conference held last week. Talking about ClubHack Conference, if you missed ClubHack here are the presentations available at - http://www.slideshare.net/clubhack and videos at http://www.clubhack.tv/event/2011/
We recently released CHMag's Collector's Edition Volume II. If you wish to buy the Collector's Editions (vol1 – from issue 1 to 10 & vol2 – from issue 11 to 20), please write back to us: info@chmag.in. As of now it's on-demand printing.
Like the game Snake, I have played lots of other games too, which have been reflected in the previous coverpages I have designed, and yes, I promise another awesome coverpage based on a game on the theme of Android security, which will be the theme for an upcoming issue, for which send in your articles to info@chmag.in
5. What's a "Smart Grid?"
Smart Grid is a developing network of new technologies, equipment, and controls working together to respond immediately to our 21st century demand for electricity.
Technology Used
Integrated Communication
Sensing
Smart Meters
Phasor Measurement Units
Advanced Components
Advanced Control
Decision Support System
Smart Power Generation
9. Another View – Smart Grid
[Diagram of the Smart Grid Communications Network (SGCN); the layout is not recoverable from the slide text. Connector labels: "Guided By…", "Supported By…", "SGCN Results…". Node labels: Communications Network; Sensors and Grid Control; Regulatory Policy and Rule-making; Enhanced Flexibility & Control; Congestion Management; Plug-In Hybrid Electric Vehicles; Distributed and Renewable Energy; Energy Efficiency; Demand Response; Data, Analytics, and Information; Smart Meters and Communications; Security; Open and Ubiquitous Communication Devices and Systems; Voltage Stability; Generation; Custom Applications; Enterprise Integration.]
10. Evolution of Electrical Utility Risks
PAST – Hard-wired control:
• Most controls are "hard wired" AND require manual intervention
• Lesser public availability of RF devices
• Little capability for damage to or financial benefit from RF attacks
• Cost-plus charging – "If we need it, we'll do it! If we can't do it, we'll buy it!"
• Clear regulatory and financial landscape
PRESENT – SCADA / RF enabled:
• Intense financial pressure to reduce staffing; hence more "remote" RF methodologies
• Computerization and RF control common in all industries
• Project implementation excellence not always followed by outstanding security operations
• SCADA hacking can cause "wholesale" damage to neighborhoods and equipment
• Uncertain regulatory, audit, and liability landscape
NEAR FUTURE – Smart Grid / RF pervasive:
• Control inside-the-home of all appliances
• Wide use of 802.x, ZigBee, X10
• Uncertain Software Provenance, Packaged Code and Offshore Development
• Zero-Day Attacks
• Increased organized crime/terrorist focus
• Potential for damage to, and "net" theft by, every customer
• Revenue/Risk Asymmetry for each customer
• Transition to IP and Windows "Monoculture" for RF devices
• Increased public and regulatory scrutiny
12. Overview of Cyber Security – Threats
[Diagram: attack chain across the Internet, an Admin, an Operator, an Acct Operator, the Master DB, the Slave Database and an RTU, with the numbered steps below.]
1. Hacker sends an e-mail with malware
2. E-mail recipient opens the e-mail and the malware gets installed quietly
3. Using the information that malware gets, hacker is able to take control of the e-mail recipient's PC!
4. Hacker performs an ARP (Address Resolution Protocol) Scan
5. Once the Slave Database is found, hacker sends an SQL EXEC command
6. Performs another ARP Scan
7. Takes control of RTU
Example from 2006 SANS SCADA Security Summit, INL
13. Overview of Cyber Security – Threats
[Diagram, "The Active Attacker": the Attacker performs Cyber Penetration of the Communications Network (WAN), Controls the Head End / AMCC (Advanced Metering Control Computer) and issues a Remote Disconnect. Other nodes shown: AMI WAN (three instances), Data Management Systems (MDM/R), Retailers, 3rd Parties.]
Example from AMRA Webinar, Nov '06, "The Active Attacker"
14. Cyber Security Challenges
The challenge is complex and continuously changing
Legacy systems need to be protected
Number and geographic location of end points
Relationship to physical security
Systems are 7x24 and critical
The human element / social engineering
15. Cyber Solutions - Defense in Depth
Perimeter Protection
Firewall, IPS, VPN, AV
Host IDS, Host AV
DMZ
Physical Security
Interior Security
Firewall, IDS, VPN, AV
Host IDS, Host AV
IEEE P1711 (Serial Connections)
NAC
Scanning
Monitoring
Management Processes
Legend:
IDS – Intrusion Detection System
IPS – Intrusion Prevention System
DMZ – DeMilitarized Zone
VPN – Virtual Private Network (encrypted)
AV – Anti-Virus (anti-malware)
NAC – Network Admission Control
17. Physical Layer Security
Natural Disasters
Snow Storms
Hurricanes
Solar Flares
Geomagnetic Storms
Earthquakes
Flooding
Volcanoes
Recognize that Location of the Smart Grid Components Can Be Affected by the Surrounding Environment
18. Physical Layer Security (2)
Steal the Meters – Sell the Devices
RESPONSE: METER "LAST GASP" ALERTS WHEN DISCONNECTED
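A "last gasp" alert is only useful if the head end can tell a removed meter from an ordinary feeder outage. The following is an added example, not code from the presentation or any vendor: the event lines, field names and thresholds are constructed for illustration. It clusters simultaneous last-gasp messages per feeder (an outage signature) and flags a lone last gasp with no power-restore message inside a grace period as a candidate for a field check.

```python
"""Added example: flag a meter whose "last gasp" alert is not explained by a
feeder outage and is not followed by a power-restore message.
Event lines, field names and thresholds are constructed for the example."""
import re
from datetime import datetime, timedelta

# Constructed head-end event log: three meters on feeder F3 gasp together (an
# outage), M-055 gasps alone but restores quickly, M-042 gasps alone and never returns.
SAMPLE_EVENTS = """\
2019-03-02T01:14:05Z meter=M-017 feeder=F3 event=LAST_GASP
2019-03-02T01:14:06Z meter=M-018 feeder=F3 event=LAST_GASP
2019-03-02T01:14:06Z meter=M-019 feeder=F3 event=LAST_GASP
2019-03-02T01:52:40Z meter=M-017 feeder=F3 event=POWER_RESTORE
2019-03-02T01:52:41Z meter=M-018 feeder=F3 event=POWER_RESTORE
2019-03-02T01:52:41Z meter=M-019 feeder=F3 event=POWER_RESTORE
2019-03-02T03:20:11Z meter=M-042 feeder=F7 event=LAST_GASP
2019-03-02T04:10:30Z meter=M-055 feeder=F7 event=LAST_GASP
2019-03-02T04:12:05Z meter=M-055 feeder=F7 event=POWER_RESTORE
"""

LINE_RE = re.compile(r"^(\S+) meter=(\S+) feeder=(\S+) event=(\S+)$")


def parse_events(text):
    """Return (timestamp, meter, feeder, event) tuples, oldest first; skip malformed lines."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
        events.append((ts, m.group(2), m.group(3), m.group(4)))
    return sorted(events)


def isolated_last_gasps(events, now, cluster_window=timedelta(seconds=120),
                        cluster_size=3, restore_window=timedelta(minutes=30)):
    """Return (meter, timestamp) for LAST_GASP events that look like removal:
    fewer than cluster_size meters on the same feeder gasped within cluster_window
    (so not an outage), and no POWER_RESTORE from that meter arrived within
    restore_window of the gasp."""
    gasps = [e for e in events if e[3] == "LAST_GASP"]
    restores = [e for e in events if e[3] == "POWER_RESTORE"]
    alerts = []
    for ts, meter, feeder, _ in gasps:
        peers = {m for t, m, f, _ in gasps if f == feeder and abs(t - ts) <= cluster_window}
        if len(peers) >= cluster_size:
            continue                      # feeder-wide outage signature, not removal
        if now - ts < restore_window:
            continue                      # still inside the grace period, wait for a restore
        if any(m == meter and ts < t <= ts + restore_window for t, m, _, _ in restores):
            continue                      # the meter came back: a brief local power loss
        alerts.append((meter, ts))
    return alerts


def run_demo(now_iso: str = "2019-03-02T05:00:00Z"):
    """Evaluate the constructed log as of now_iso (constructed evaluation time)."""
    now = datetime.strptime(now_iso, "%Y-%m-%dT%H:%M:%SZ")
    return isolated_last_gasps(parse_events(SAMPLE_EVENTS), now)


if __name__ == "__main__":
    for meter, ts in run_demo():
        print(f"ALERT {meter}: last gasp at {ts:%H:%M:%S} with no restore; schedule a field check")
```

The cluster threshold and the grace period are the tuning knobs: too small a cluster size turns every feeder fault into a burst of false alerts, too long a grace period delays the field check that would catch a removed device.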
19. Physical Layer Security (3)
Tamper with the Meter
Cause Meter to Stop Reading - Disconnect
Cause Meter to Mis-Read (or Reverse)
Inject Malware
Modify Encryption
Modify Authentication Mechanism
• July 2009 – Black Hat Conference
• IOActive, Seattle InfoSec Firm
• Proof of Concept – 24 Hours Caused 15,000 of 22,000 Home Smart Meters Taken Over by Malware/Worm
20. Physical & Cyber
Opening the Meter
Accessing Exposed Ports and Connectors
Intercept Data Between Microcontroller and Radio
Infrared Port Attack/Hack
21. Cyber Layer Security
The Biggest Opportunity for Trouble
“The Last Mile” Issues
Remember – Added Complexity Causes Concerns
22. "Last Mile"
Broadband Power Line Systems
Power Line Carrier Systems
Public Switched Telephone Network (PSTN)
Cat5/6 Network Connection
Radio Frequency
WiMax
ZigBee
6LoWPAN
802.11x
Cellular (CDMA/EVDO, GSM, LTE)
24. Cyber Attacks
Remember C I A
Confidentiality Attacks
Reading, “Sniffing” the data
Integrity Attacks
Changing the Data
Availability Attacks
Denial of Service – Prevent Use of Service
25. Confidentiality Attacks
Buffer Overflow
Inject Data that is too “Big” for the Meter/System
Predominantly Caused by Bad Software Development
Snooping / Sniffing
Reading / Capturing the Data between Meter and Collector and Vice Versa
Also Internal to Meter Between Microcontroller and Radio
A Reason for Encryption – “Cleartext is Bad”
Hacking the Encryption
Some Protocols Easy to Break
Causes – Weak Keys, Weak Protocols, Weak Initialization Vectors
Man-in-the-Middle Attack
“Bit Flipping” Attacks (Weak Integrity Functions)
Breaking Into Password Storage on Devices
“Race Condition” Exploits
A race condition is of interest to a hacker when the race condition can be utilized to gain privileged system access.
26. Integrity Attacks
Key: Change the Data
Replay Attacks (Man-in-the-Middle)
Why?
Change the Bill (Up or Down)
Modify Usage Data
Use Data for Fraud
Use as Alias
"Gee Officer, I wasn't home that night!"
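The "bit flipping" item under Confidentiality Attacks (weak integrity functions) and the replay item under Integrity Attacks come down to two missing checks on a meter-to-collector message: a tag that covers the ciphertext, and a sequence number the collector actually enforces. The following is an added example, not code from the presentation or any meter vendor. The stream cipher is a constructed SHA-256 counter-mode keystream standing in for a real cipher, and the keys, meter ID and reading are constructed. It shows that one flipped ciphertext byte silently changes an unauthenticated reading, that encrypt-then-MAC with HMAC-SHA256 rejects the same flip, and that a per-meter strictly increasing sequence number rejects a replayed reading.

```python
"""Added example: why weak integrity functions permit bit flipping and why a
collector must track sequence numbers to reject replays.
The keystream below is a constructed SHA-256 counter-mode construction, not a
production cipher; keys, meter ID and reading are constructed too."""
import hashlib
import hmac
import struct

# Constructed keys for the example (a real deployment derives per-meter keys).
ENC_KEY = b"constructed-enc-key-not-for-production"
MAC_KEY = b"constructed-mac-key-not-for-production"
TAG_LEN = 32  # HMAC-SHA256 output length


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy counter-mode keystream: SHA-256(key || nonce || counter) blocks."""
    blocks, counter = [], 0
    while sum(len(b) for b in blocks) < length:
        blocks.append(hashlib.sha256(key + nonce + struct.pack(">I", counter)).digest())
        counter += 1
    return b"".join(blocks)[:length]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_only(seq: int, plaintext: bytes) -> bytes:
    """Confidentiality only: 8-byte sequence number (used as the nonce) + ciphertext."""
    nonce = struct.pack(">Q", seq)
    return nonce + xor_bytes(plaintext, keystream(ENC_KEY, nonce, len(plaintext)))


def decrypt_only(msg: bytes) -> bytes:
    nonce, ct = msg[:8], msg[8:]
    return xor_bytes(ct, keystream(ENC_KEY, nonce, len(ct)))


def seal(seq: int, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: the tag covers the sequence number and the ciphertext."""
    body = encrypt_only(seq, plaintext)
    return body + hmac.new(MAC_KEY, body, hashlib.sha256).digest()


def flip_byte(msg: bytes, offset: int, mask: int) -> bytes:
    """Simulate an on-path modification of one ciphertext byte."""
    out = bytearray(msg)
    out[offset] ^= mask
    return bytes(out)


class Collector:
    """Head-end receiver: verify the tag first, then require a strictly increasing
    sequence number per meter so a captured message cannot be replayed."""

    def __init__(self):
        self.last_seq = {}

    def receive(self, meter_id: str, msg: bytes):
        body, tag = msg[:-TAG_LEN], msg[-TAG_LEN:]
        expected = hmac.new(MAC_KEY, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return ("reject", "bad tag")
        seq = struct.unpack(">Q", body[:8])[0]
        if seq <= self.last_seq.get(meter_id, -1):
            return ("reject", "replay")
        self.last_seq[meter_id] = seq
        return ("accept", decrypt_only(body))


def demo():
    reading = b"M-001:kWh=01234"   # constructed reading; the digit '1' sits at index 11
    mask = ord("1") ^ ord("9")     # XOR mask that turns that '1' into a '9'
    ct_offset = 8 + 11             # skip the 8-byte nonce in front of the ciphertext

    # 1. No integrity function: the flipped byte decrypts to a different reading.
    flipped = decrypt_only(flip_byte(encrypt_only(1, reading), ct_offset, mask))

    # 2. Encrypt-then-MAC: the same flip fails verification; a replay is rejected.
    collector = Collector()
    sealed = seal(1, reading)
    return {
        "flipped_reading": flipped,
        "tampered": collector.receive("M-001", flip_byte(sealed, ct_offset, mask)),
        "first": collector.receive("M-001", sealed),
        "replayed": collector.receive("M-001", sealed),
        "next": collector.receive("M-001", seal(2, reading)),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

Two design points carry over to real deployments: the tag is checked before any state (the sequence counter) is updated, so a forged message cannot advance the counter, and the sequence number lives inside the authenticated body, so an on-path party cannot renumber an old message to get it past the replay check.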
27. Availability Attacks
Denial of Service (DoS) Attacks
Examples: Georgia Cyber War, Estonia Cyber War
Spoofing
Pretending You are Another Meter
Meter Authentication Weaknesses
Manipulate Meter to Collector
Or
Manipulate Collector to Meter
Name Resolution Attacks
Meter Name Cache Poisoning
Denial of Service Attacks Against DNS Servers
Reroute Meter Traffic to Another Meter or Collector or Network
Hold Ransom
Before Super Bowl?
Over a Community/Neighborhood?
Wartime Reserve
Chipset Backdoor “Pre-Attack” in Smart Meters
29. Privacy Attacks (2)
Determine Lifestyles
Determine Best Time to Rob
Use Info to "Sell" Services (e.g., "I'm here to fix your broken refrigerator, Ma'am!")
30. STORAGE ISSUES
A Paradigm Shift
Today's Environment:
• Analog Meters or Simple Digital Meters
• Manually Read or Use "Drive By" Reading
• Read Monthly (or Less Frequently)
• Minimal Data Accumulation
• Simple Data Fields – kWh Used Since Last Reading
The Future Smart Grid:
• "Smart" Digital Meters & "Smart" Sensors
• Automatic Reading
• Read Every ~15 Minutes or More Frequently
• "Data Avalanche!" – Numerous Data Fields and Classes
Image credits: Microsoft Clip Art Online; www.smartgridnews.com; Circuit Breaker Relays – ENHayden, used with permission
31. Storage Considerations
Costs for More Data Centers and Storage
Error Handling
Data Analytics and Business Intelligence Resources
Security of Data – Static and Dynamic… Stored or in Transit
Privacy of Data – Consider EU Privacy Laws
Consumer Education Requirements
Auditing, Reporting, Regulatory Impacts
32. What To Do?
#1: DON'T GIVE UP!
#2: DON'T IGNORE THE THREATS!
#3: LEARN AND STUDY – DO THREAT MODELING
#4: INCLUDE SECURITY, IT, UTILITY OPERATIONS IN PLANNING AND SOLUTION DEVELOPMENT
#5: WORK WITH SECURITY EXPERTS & CONSULTANTS
#6: ASK HARD QUESTIONS
#7: BUILD DEFENSE-IN-DEPTH IN EVERY PHASE OF YOUR SMART GRID SOLUTION
#8: INCIDENT RESPONSE SET UP, PRACTICED
#9: STORAGE – PLAN, IDENTIFY CONTINGENCIES, LOOK OUTSIDE THE BOX
#10: INCLUDE SECURITY EARLY, OFTEN