© Copyrights CRC-ICS 2017 – All Rights Reserved – www.crc-ics.net
Cyber Research Center - Industrial Control Systems
Critical Infrastructure Protection & Resilience
ITARC Amsterdam, September 2017
There is No Place Anymore for Enterprise and IT Architecture, if you can't deal with Current and Future Cyber Threats!
Cyber Research Director, Speaker & Publicist
Thought Leader Cyber Terrorism, ICS & EA; President & Thought Leader
Author / Co-author of 15 Professional Books & more than 100+ Articles / Papers
Awarded with the 2013 Global Excellence iCMG Hall of Fame Award, India
Cyber Research Center - Industrial Control Systems
Advisor NIST Cyber Security Framework Critical Infrastructure Development
Ass. Professor
All the information contained in this presentation and shared with you during the presentation is in the public domain. The Cyber Research Center – Industrial Control Systems (CRC-ICS) is not responsible for the accuracy or correctness of the shared public domain information. Reference to any specific website, process, or service by trade name, trademark, supplier, or otherwise, does not constitute or imply its endorsement, recommendation, or favouring by CRC-ICS.
Food Industry
Chemical Industry
Nuclear / Power
Healthcare / Hospitals
Manufacturing Industry
Energy Grids
Telecom Networks
Oil & Gas Industry
Water Supply Networks
Banking / Finance
Transport / Aviation
Government / Military
An Interconnected, Intelligent & Instrumented World?
The Art of War is an ancient (-496 B.C.) Chinese military treatise attributed to Sun Tzu, a high-ranking military general, strategist and tactician. It is commonly known to be the definitive work on military strategy and tactics, and for the last two thousand years has remained the most important military dissertation in Asia. It has had an influence on Eastern and Western military thinking, business tactics, legal strategy and beyond. Leaders as diverse as Mao Zedong and General Douglas MacArthur have drawn inspiration from the work.
Admiral Rogers leads the NSA and has been the commander of the U.S.A. Cyber Command, the Pentagon's army of cyber warriors, since March 2014.
Many of Sun Tzu's conclusions remain valid today in the cyber warfare era, as Admiral Michael S. Rogers said recently.
Characteristics - Art of Cyber War
1. Artificial Environment
2. Geography changes without warning
3. Physical proximity loses relevance
4. Blinding development of technology
5. Anonymity
6. Few moral inhibitions
NATO (2008)
• Cyber terrorism is “a cyber attack using or exploiting computer or communication networks to cause sufficient destruction to generate fear or intimidate a society into an ideological goal.”
US Federal Bureau of Investigation
• Cyber terrorism is any "premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by sub-national groups or clandestine agents."
Center for Strategic and International Studies (CSIS):
• The use of computer network tools to shut down critical infrastructures (e.g., energy, transportation, government operations) or to coerce or intimidate a government or civilian population.
Henry C. Lee College of Criminal Justice and Forensic Sciences: William Tafoya, Professor of Criminal
• The intimidation of civilian enterprise through the use of high technology to bring about political, religious, or ideological aims, actions that result in destroying or disabling critical infrastructures.
• Cyber terrorism is a controversial term. Some authors choose a very narrow definition, relating to deployments, by known terrorist organizations, of disruption attacks against information systems for the primary purpose of creating alarm and panic.
• Cyber terrorism can be also defined as the intentional use of computer, networks, and public internet to cause destruction and harm for personal objectives. Objectives may be political or ideological since this can be seen as a form of terrorism.
Cyber Crime Research Center
• Cybercrime is defined as crimes committed on the internet using the computer as either a tool or a targeted victim. It is very difficult to classify crimes in general into distinct groups as many crimes evolve on a daily basis. Even in the real world, crimes like rape, murder or theft need not necessarily be separate. However, all cybercrimes involve both the computer and the person behind it as victims, it just depends on which of the two is the main target. Hence, the computer will be looked at as either a target or tool for simplicity’s sake. For example, hacking involves attacking the computer’s information and other resources. It is important to take note that overlapping occurs in many cases and it is impossible to have a perfect classification system.
Techopedia
• Cybercrime is defined as a crime in which a computer is the object of the crime (hacking, phishing, spamming) or is used as a tool to commit an offense (child pornography, hate crimes). Cybercriminals may use computer technology to access personal information, business trade secrets or use the internet for exploitive or malicious purposes. Criminals can also use computers for communication and document or data storage.
Snapshot Cyber Attack Monitoring 09-25-2017
OCTOBER 2017
On Access Scan
On Demand Scan
Mail Anti Virus
Web Anti Virus
Intrusion Detection Scan
Vulnerability Scan
Kaspersky Anti Spam
Botnet Activity Detection
TOP RANKING MOST ATTACKED COUNTRIES
#1 MALI, #2 GERMANY, #3 ECUADOR, #4 SOUTH KOREA, #5 BRAZIL, #6 FRANCE, #8 UNITED STATES, #9 RUSSIA, #11 NETHERLANDS, #22 CHINA
SEPTEMBER 2017
Headlines on the 2017 timeline (January to December):
• Cyber Espionage Malware Is So Advanced It Has Its Own API
• A virus that has shut down the ECMC hospital's entire computer network
• APT29 Uses Stealthy Backdoor to Maintain Access to Targets
• Point of Sale (PoS) Manufacturer Verifone Breached
• ISIS-Linked hackers Attack NHS Websites
• Hamas ‘Honeypot’ Operations shows a Sophisticated Cyber-Espionage Unit
• Secret Details Emerge on Iran’s Cyber Army ?
• Saudi Arabia: Cyber Attack on Chemical Firm
• Ukraine Charges Russia with New Cyber Attacks on Infrastructure
• Several Polish Banks Hacked, Information Stolen by Unknown Attackers
• University suffers cyber attack from its own vending machines and lamp posts
• Rotterdam Airport and Rumag websites Hacked by Turkish Hacking Group
• ThyssenKrupp Secrets Stolen in ‘Massive’ Cyber Attack
• Industroyer: Biggest Threat to Industrial Control Systems since Stuxnet
• Petya Goldeneye ransomware attack using ‘stolen NSA cyber-weapon’ called EternalBlue sweeps the world
• Renault shut down several French factories after WannaCry Cyberattack.
• Hackers Are Targeting US Nuclear Facilities ?
• FedEx / TNT Express Heavily hit by Petya Cyber-Attack
• Maersk hack impact from Petya / Nonpetya on the APM terminal in Rotterdam
• Operations cancelled as cyber attack hits NHS Lanarkshire hospitals and GPs
• US Nuclear Breach opens new chapter in Cyber Struggle
• North Korea intensifies cyber attacks against Bitcoin exchanges
• Hackers Gain Direct Access to US Power Grid Controls
• Massive Equifax Data Breach Hits 143 Million Customers
• UK Universities Targeted by Cyber-Thieves
• Iranian Cyber Espionage APT33 Targets Aerospace & Energy Sectors and has Ties to Destructive Malware
• Deloitte hit by Cyber Attack Revealing Clients’ Secret Emails
Headlines on the timeline December 2015 to December 2016:
• Hackers destroy computers Saudi Aviation Agency
• Japan Denies Report of ‘State-Backed’ Cyber Attack on Military
• Hackers are holding San Francisco’s Light-Rail System for Ransom
• Classified US Defense Network Outage Hits Air Force’s Secret Drone Operations
• DDoS Attack halts Heating in Finland amidst Winter
• Security camera was infected by Mirai-like worm malware 98 seconds after it was plugged in
• DDOS Attack Against Dyn Managed DNS Servers
• Nuclear Power Plant Disrupted by Cyber Attack
• US Accuses Russia of Hacking Attempts on Political Groups
• Ghost Squad Hackers Attack Websites For Israeli Prime Minister
• Washington Think Tank Organizations Hacked by APT29
• Monsoon APT Has Been Hacking Targets Around the Globe Since 2010
• US Ports Targeted with Zero-Day SQL Injection Flaw
• Operation Ghoul Industrial Espionage Hackers Targeted 130 Companies in More than 30 Countries
• Iran Investigates If Series of Oil Industry Accidents Were Caused by Cyber Attack
• Strider Cyberespionage Group Hit Seven Targets in China, Russia, Belgium, Sweden
• Israel’s Electric Authority Hit by ‘Severe’ Hack attack
• Airport Systems at 2 major Airports in Vietnam Hacked by Chinese Group
• UK Railway Network Suffered 4 Cyber Attacks in the Past Year
• SFG Malware Discovered in European Energy Company
• Saudi Military & Government Security Personnel Targets Android Spyware
• NATO Declares Cyber an Official Warfare Battleground, Next to Air, Sea and Land
• Terrorist Groups Acquiring the Cyber Capabilities to bring major Cities to a Standstill
• Stuxnet-like IRONGATE Malware Found Targeting SCADA Equipment
• Ke3chang is Back and It’s Targeting Indian Embassies
• Suckfly Cyber Espionage Group Targets Indian Companies
• South Korea Accuses North Korea of Hacking Defense Contractor
• Tick Cyber Espionage group active for at least 10 years in Japan
• Ransomware Virus Shuts Down US Electric and Water Utility
• German Nuclear Plant’s Fuel Rod System Swarming with Old Malware
• Bangladesh Central Bank – Billion Dollar Hack
• US to blame Iran for Cyber Attack on small NY Dam
• Pirates Hack into Shipping Company’s Servers to Identify Booty
• Israel is Pioneering new weapons on the “Modern Battlefield”
• Russian Software Could Threaten US Industrial Control Systems
• China Hacking & Stealing Military Secrets of Norway
• Hackers take Hospital Offline, demand $ 3.6 M ransom
• UK (GCHQ): We Failed On Cybersecurity
• Clever Bank Hack allowed Crooks to make Unlimited ATM withdrawals
• Cyber Security Threat could cause ‘Fukushima-like Disaster’
• Loco Motives? Hacker Attacks could Derail Train Cyber Security
• Ukraine Blackout is a Cyberattack Milestone ?
• F35 – Joint Strike Fighter, Cyber Security Tests delay prompts Vulnerability Concerns
• APT28: A Window into Russia's Cyber Espionage Operations?
• China blamed for ‘Massive’ Cyber Attack on Australian Government
• US Govt. Hackers Ready to hit Back if Russia Tries to Disrupt Election?
Headlines on the timeline November 2014 to November 2015:
• Russian Proxy Forces Bring Down An F-16 In a Beta Test for World War III
• US Cyber Warfare: Use of Drones to Infect Spyware
• Turla APT malware threat uses satellites to avoid detection. Russian Signature
• Operation Pawn Storm: Russian hackers exploit unusual Java zero-day to hit unnamed NATO country
• Russian Cyber Attack Targets Pentagon Email Systems
• Black Vine: Formidable Cyber Espionage group Targeted Aerospace
• Cyberespionage Group behind “Duke” Family of Malware
• Operation Morpho: Multi-billion dollar corporations hit by secretive attack group.
• German Patriot Missile Battery receives orders from… unknown ‘Hackers’ – Report
• Hacking Team hacked: Firm sold Spying Tools to Repressive regimes, documents claim
• Dino backdoor trojan (Cyber-Espionage tool) target computers in Iran
• U.S.A. Federal employee Data stolen - China Signature
• Operation Epic Turla – Russian Signature?
• Sony Pictures hit by a Major Cyber Attack – Origin NK?
• French Network TV5 Monde Hacked
• Operation Pawn Storm - Ramps Up its Activities; Targets NATO, White House – Russian Signature?
• LOT Polish Airlines Ground Operations Hacked
• German Parliament Hacked, Russia is Primary Suspect
• Hacked Turkey Pipeline exploded
• China-Based APT17 (DeputyDog) conducted network intrusions against several Industries
• Project Pistachio Harvest - Iran Increasing Both Sophistication and Frequency of Cyber Attacks
• NSA & GCHQ accused of Hacking Sim Card firm Gemalto
• Equation Group – Targeting several Industries: NSA Related?
• Regin – Top-tier Espionage Tool – NSA related?
• Operation Cleaver – Targeting Several Industries: Iran Nation-State Activities
• U.S. Officials Report Hackers Gained Access to Sensitive White House Networks
• China Reveals Its Cyberwar Secrets: The Science of Military Strategy 2013
• Anthem Blue Cross / Blue Shield Hacked
• The Carbanak Cybergang Stole $ 1bn from Banks
• ASML hack: Global Chip Machine producer in the Netherlands and France – China related?
• Cyber Attack Causes Physical Damage at German Iron Plant in Brazil – Origin ?
• Australian Mining and Natural Resources Companies Hacked
• Iranian Military Spear-phish of US Government
• ISIS is attacking the US Energy Grid
• ISIS plotting Cyber Warfare to Kill People in UK
• Hacking Group Strontium dogs NATO and Government targets
What about Securing Networked Society?
Networked Consumer Electronics
Networked Industries
Networked Everything (IoT)
>2020
Cyber Protection is about…..
People, Process, Data, Things, Business, Home, Mobile (P2P, P2M, M2M)
All these Functionalities are Never Designed with Security in Mind
All the data used for the creation of this image is based on the Shodan Engine looking for BMS/ICS/SCADA open ports.
• Bacnet (Port 47808)
• DNP3 (Port 20000)
• EtherNet/IP (Port 44818)
• Niagara Fox (Ports 1911 and 4911)
• IEC-104 (Port 2404)
• Red Lion (Port 789)
• Modbus (Port 502)
• Siemens S7 (Port 102)
Source: https://www.shodan.io
What to Defend? - Where is the Risk? – What can you Do?
Cyber Governance Model
Diagram labels: Cyber Awareness; Cyber Resistance; Cyber Resilience; Controls; Defense in Depth; Cyber Risk Analysis; Threats; Vulnerabilities; Operations; Risk; Assessment; Security
Enterprise / Corporate IT Security
Industrial Control Systems / Critical Infrastructures Security (Most Important Assets / Crown Jewels)
3 Domains in Cyber & Architectural Governance
Enterprise / Corporate IT Security
Industrial Control Systems /
Critical Infrastructures Security
“Defense-in-Depth” & “Separation of Concerns”
Resistance / Resilience where possible on every level:
Device / hardware / network / firmware / operating systems / network protocols / software / applications / organisation / user / contractor / developer / vendor
• Segregate / separate networks & functionalities
• Wireless & (Remote) Identity / Access Control
• Increase Robustness, Harden Systems, Networks, Devices
• Immediate Patch, Patch where possible, Patch!!!
• Monitor & Control, Deep Packet Inspection
• People, Policies, Procedures, Technology, Environment
• Incident Response & Recovery
Security Zone Definition
‘Security zone: grouping of logical or physical assets that share common security requirements’. [ANSI/ISA99-IEC62443]
A zone has a clearly defined border (either logical or physical), which is the boundary between included and excluded elements.
Conduit Definition
A conduit is a path for the flow of information between two zones:
• It can provide the security functions that allow different zones to communicate securely.
• Any transfer of electronic data between zones must have a conduit.
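The rule that any transfer between zones must have a conduit can be checked against observed traffic. The following Python code is an added example, not part of the original presentation: it audits flow records against a zone/conduit model and labels violations with the ICS protocol ports listed on the Shodan slide earlier in this deck. The subnets, conduit definitions and flow records are constructed for illustration.

```python
import ipaddress

# ICS protocol ports as listed on the Shodan slide of this deck.
ICS_PORTS = {
    47808: "BACnet", 20000: "DNP3", 44818: "EtherNet/IP",
    1911: "Niagara Fox", 4911: "Niagara Fox", 2404: "IEC-104",
    789: "Red Lion", 502: "Modbus", 102: "Siemens S7",
}

# Constructed zone model: each zone is a set of subnets (hypothetical addressing).
ZONES = {
    "enterprise": ["10.10.0.0/16"],
    "supervisory": ["10.20.0.0/24"],
    "controller": ["10.30.0.0/24"],
}

# Constructed conduits: (initiating zone, destination zone) -> allowed destination ports.
CONDUITS = {
    ("enterprise", "supervisory"): {443},
    ("supervisory", "controller"): {502, 44818},
}

def zone_of(ip):
    """Return the zone whose subnet contains ip, or 'external' if none does."""
    addr = ipaddress.ip_address(ip)
    for zone, nets in ZONES.items():
        if any(addr in ipaddress.ip_network(n) for n in nets):
            return zone
    return "external"

def check_flow(src, dst, port):
    """Classify one connection (initiator src -> dst:port) against the model."""
    sz, dz = zone_of(src), zone_of(dst)
    proto = ICS_PORTS.get(port)
    if sz == dz:
        return ("ok", sz, dz, proto)        # intra-zone traffic needs no conduit
    allowed = CONDUITS.get((sz, dz))
    if allowed is None:
        return ("no-conduit", sz, dz, proto)
    if port not in allowed:
        return ("port-not-in-conduit", sz, dz, proto)
    return ("ok", sz, dz, proto)

def audit(flows):
    """Return all violations, those on ICS protocol ports first."""
    findings = []
    for src, dst, port in flows:
        reason, sz, dz, proto = check_flow(src, dst, port)
        if reason != "ok":
            findings.append({"src": src, "dst": dst, "port": port, "from": sz,
                             "to": dz, "reason": reason, "ics_protocol": proto})
    findings.sort(key=lambda f: f["ics_protocol"] is None)  # stable sort
    return findings

# Constructed flow records (src IP, dst IP, dst port), e.g. parsed from firewall logs.
SAMPLE_FLOWS = [
    ("10.20.0.5", "10.30.0.11", 502),       # supervisory -> controller Modbus: allowed
    ("10.10.4.7", "10.30.0.11", 502),       # enterprise -> controller: no conduit
    ("10.20.0.5", "10.30.0.12", 102),       # S7 is not in this conduit's port list
    ("203.0.113.9", "10.30.0.11", 47808),   # external -> controller BACnet
    ("10.10.4.7", "10.20.0.5", 443),        # enterprise -> supervisory: allowed
    ("10.10.4.7", "10.20.0.5", 3389),       # conduit exists, port not allowed
    ("10.30.0.11", "10.30.0.12", 44818),    # intra-zone
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_FLOWS):
        print(finding)
```

Flows are keyed by the initiating side, so a conduit defined from the supervisory zone to the controller zone does not permit connections opened from the controller zone upward.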
Diagram labels: Conduit; Supervisory Zone; Controller Zone
Level 6: IoT / Mobile (Industrial)
Level 5: Enterprise Network
Level 4: Enterprise Systems
Level 3: Operations Management
Level 2: Supervisory Control
Level 1: Local or Basic Control
Level 0: Process Equipment Under Control
Diagram labels: Business Planning & Logistics; Process Operations Management; Production Supervision; Production Control; Production; Industrial Control Systems (ICS); Enterprise Facilities; IoT / Mobile Facilities
Fundamentals of “Defense-in-Depth” & “Separation of Concerns”
Awareness / Resistance / Resilience on every Level!
Find the Right Balance between Protection versus Detection / Respond
Protection? Detection?
Diagram labels: Attack Indications & Warnings; Intrusion Detection & Monitoring; Business Network Events; Process Control Network / System Events; External Events; Analysis & Correlation
Important Aspects of Protection / Detection
Enterprise / Corporate IT Security
Industrial Control Systems / Critical Infrastructures Security
People, Process, Data, Things, Business, Mobile (P2P, P2M, M2M)
People & Processes:
• Information Security Program & Planning (IR, DR, BC)
• Awareness, Education & Training
• Access, Measures & Security Controls; Procedures; Policies & Laws; Recovery & Continuity Plans
Technology:
• Access Controls
• Backups
• Encryption
• Proxy Servers
• Network IDS
• Firewalls (UTM / DPI)
• Host IDS
• Patches & upgrades
• Networks & Systems Monitoring
• Redundancy
• Network IPS
Diagram labels: Processes; People; Systems; Networks; Internet
Enterprise / Corporate IT Security
Industrial Control Systems / Critical Infrastructures Security
Diagram labels:
• PRIVACY & INFORMATION GOVERNANCE
• INFORMATION ASSURANCE
• BUSINESS CONTINUITY MANAGEMENT
• RESILIENCE, DIVERSITY, REDUNDANCY; INFORMATION RECOVERY
• ADEQUACY OF CONTROLS
• CORPORATE CYBER NETWORK ATTACK
• RADSEC (TEMPEST + EMI, ELSEC, RFSEC)
• INFOSEC
• IA RISK MANAGEMENT
• SECURITY BY DESIGN
• COMSEC & TRANSEC
• EMIP (EM Interference Protection: EMC, HEMP/HERF)
• CORPORATE CYBER NETWORK OPERATIONS
• COMPUTER NETWORK EXPLOITATION
• CERTIFICATION & ACCREDITATION
• SECURE DEVELOPMENT
• COMPLIANCE & AUDIT
• SECURITY OPERATION CENTER
• PLANT / SITE PROCESS CONTROL NETWORKS
• SCADA / DCS CONTROL NETWORKS
• SENSOR I/O CONTROL NETWORKS
• SITE / PLANT COMPUTER NETWORK OPERATIONS
• PLANT COMPUTER NETWORK EXPLOITATION
• PLANT COMPUTER NETWORK ATTACK
• NETWORK MONITORING & PROTECTION
• THREAT & VULNERABILITY ANALYSIS
• CYBER SECURITY
• SECURITY
• PHYSICAL SECURITY
• PERSONNEL SECURITY
• CONTRACTORS SECURITY
• IDENTITY / ACCESS MANAGEMENT
• COMPLIANCE MANAGEMENT
• NETWORK INTRUSION DETECTION
• WIRELESS INTRUSION PROTECTION
• DEEP PACKET INSPECTION
• DOCUMENT SECURITY
• INVESTIGATIONS, Incl. FORENSICS
• DATA / IP SECURITY
• DATA SECURITY
• ORGANIZATIONAL SECURITY
• PHYSICAL / CYBER SECURITY
• ENTERPRISE ARCHITECTURE
• OPERATIONS MANAGEMENT
• BUSINESS & IT ARCHITECTURE
• RISK & COMPLIANCE
• BUSINESS CONTINUITY, ETC.
Level 6: IoT / Mobile
Level 5: Enterprise Network
Level 4: Enterprise Systems
Level 3: Operations Management
Level 2: Supervisory Control
Level 1: Local or Basic Control
Level 0: Process Equipment Under Control
Diagram labels: ISA99 / IEC62443; Internet; External Network; Office Network; Production Network; Control Network; External Mobile Workers; Contractors; Internet of Things; Machinery; RS-232
Items numbered 1 to 18 in the diagram (the item numbers are not recoverable from the extracted text):
• Insecure External IoT / Mobile Connections
• Misconfigured Firewalls
• Wrong Type Firewalls
• Infected Laptops
• Insecure Wireless LAN
• Insecure Modems
• Infected USB Keys
• Insecure Serial Links
• 3rd Party / Contractor Issues
• Spoofing / Phishing
• Infected PLC Logic
• Insecure Wireless I/O
• Insecure RFID
• Insecure Bluetooth
• Insecure NFC
• APT / Zero-Day-Exploits
• Unpatched Software
• Misconfigured Login Credentials
Cyber Protection & Resilience
Original Source: Digitalist Magazine July 2016
Digital Transformation
The New Reality!
Diagram labels: Customers; Safety, Security, Privacy, GDPR; Cyber Protection & Resilience; ISA99 / IEC62443
Level 6: IoT / Mobile
Level 5: Enterprise Network
Level 4: Enterprise Systems
Level 3: Operations Management
Level 2: Supervisory Control
Level 1: Local or Basic Control
Level 0: Process Equipment Under Control
CYBER SECURITY - SMART / DIGITAL OIL FIELD
Diagram labels: Mobile Drilling Rig; Sea Drilling Rig; Battery Tank; Well Pad; Field Office; Emergency Response; Work Vehicle; Process Domain; Video Monitoring; To HQ; Central Control Room; SCADA Systems; Cyber Security
RTU - Remote Terminal Unit
PLC - Programmable Logic Controller
CWE - Collaborative Work Environment
• Well Head Automation
• Mobile Field Connectivity
• Operational Video Surveillance
• Micro Seismic Applications
• Asset Tracking via RF-ID
• Energy Management
• Collaborative Working Env.
• Smart Drilling
CYBER SECURITY - SMART GRID (E2E)
Diagram labels: Local Energy; Massive Solar Energy; Hydro Energy; Wind Energy; Energy Storage; Conventional Energy; Central Control Rooms; SCADA Systems; Cyber Security
• Solar Energy Automation
• Wind Energy Automation
• Hydro Energy Automation
• Grid Energy Balancing Applic.
• Energy Transport Management
• Energy Storage / Management
• Collaborative Working Env.
• Mobile Vehicle Connectivity
• Accept the FACT that Vulnerabilities Open Doors to the Unexpected.
• Accept that the Type of Threats will Change Continuously.
• Accept that there is NO Separation between the Cyber World and the Physical World.
• Accept that Investing & Maintaining Cyber Protection & Resilience is an Ongoing Activity.
• We’ve become distracted – Outsider & Insider Threat is real & growing
• Terrorism is Multifaceted. Traditional Definitions must be adapted to the New Realities.
You can't Defend... You can't Prevent... (only to a certain level)
The only thing you can do is Detect and Respond!
The Cyber Research Center - Industrial Control Systems / Critical Infrastructures is a not for profit research & information sharing, expert
center working on the future state of Physical & Cyber Protection and Resilience. CRC-ICS goals are to inform industries / critical
infrastructures about the fast changing threats they are facing and the measures, controls and techniques that can be implemented to be
prepared to deal with these cyber threats.
Jaap Schekkerman | Research Director & Thought Leader
Cyberspace the Fifth Domain of War ?!
Industrial Control Systems Cyber Governance Guide