Enviar pesquisa
Carregar
[CLASS2014] Palestra Técnica - Franzvitor Fiorim
•
0 gostou
•
765 visualizações
TI Safe
Seguir
Título da Palestra: Como se iniciam os ataques à infraestrutura SCADA?
Leia menos
Leia mais
Tecnologia
Denunciar
Compartilhar
Denunciar
Compartilhar
1 de 24
Baixar agora
Baixar para ler offline
Recomendados
A Diet of Poisoned Fruit: Designing Implants & OT Payloadsfor ICS Embedded D...
A Diet of Poisoned Fruit: Designing Implants & OT Payloadsfor ICS Embedded D...
Marina Krotofil
If I Were MITRE ATT&CK Developer: Challenges to Consider when Developing ICS ...
If I Were MITRE ATT&CK Developer: Challenges to Consider when Developing ICS ...
Marina Krotofil
CS3STHLM_2019_krotofil_kopeytsev
CS3STHLM_2019_krotofil_kopeytsev
Marina Krotofil
Improving SCADA Security
Improving SCADA Security
Narinrit Prem-apiwathanokul
Cyber & Process Attack Scenarios for ICS
Cyber & Process Attack Scenarios for ICS
Jim Gilsinn
Securing SCADA
Securing SCADA
Jeffrey Wang , P.Eng
Where Are All The ICS Attacks?
Where Are All The ICS Attacks?
EnergySec
Safe and secure autonomous systems
Safe and secure autonomous systems
Alan Tatourian
Recomendados
A Diet of Poisoned Fruit: Designing Implants & OT Payloadsfor ICS Embedded D...
A Diet of Poisoned Fruit: Designing Implants & OT Payloadsfor ICS Embedded D...
Marina Krotofil
If I Were MITRE ATT&CK Developer: Challenges to Consider when Developing ICS ...
If I Were MITRE ATT&CK Developer: Challenges to Consider when Developing ICS ...
Marina Krotofil
CS3STHLM_2019_krotofil_kopeytsev
CS3STHLM_2019_krotofil_kopeytsev
Marina Krotofil
Improving SCADA Security
Improving SCADA Security
Narinrit Prem-apiwathanokul
Cyber & Process Attack Scenarios for ICS
Cyber & Process Attack Scenarios for ICS
Jim Gilsinn
Securing SCADA
Securing SCADA
Jeffrey Wang , P.Eng
Where Are All The ICS Attacks?
Where Are All The ICS Attacks?
EnergySec
Safe and secure autonomous systems
Safe and secure autonomous systems
Alan Tatourian
Guide scada and_industrial_control_systems_security
Guide scada and_industrial_control_systems_security
Deepakraj Sahu
Unidirectional Network Architectures
Unidirectional Network Architectures
EnergySec
Stuxnet
Stuxnet
Symantec
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
PECB
Mission Critical Security in a Post-Stuxnet World Part 2
Mission Critical Security in a Post-Stuxnet World Part 2
Byres Security Inc.
White paper scada (2)
White paper scada (2)
Ivan Carmona
RSAC 2021 Spelunking Through the Steps of a Control System Hack
RSAC 2021 Spelunking Through the Steps of a Control System Hack
Dan Gunter
Implementing ID Governance in Complex Environments-HyTrust & CA Technologies
Implementing ID Governance in Complex Environments-HyTrust & CA Technologies
HyTrust
CSIRS ICS BCS 2.2
CSIRS ICS BCS 2.2
David Spinks
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
Eran Goldstein
Unidirectional Security, Andrew Ginter of Waterfall Security
Unidirectional Security, Andrew Ginter of Waterfall Security
Digital Bond
Monitoring ICS Communications
Monitoring ICS Communications
Digital Bond
Sb fortinet-nozomi
Sb fortinet-nozomi
Ivan Carmona
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
FFRI, Inc.
Stuxnet
Stuxnet
shiva_sathish
SCADA Security Presentation
SCADA Security Presentation
Filip Maertens
SANS ICS Security Survey Report 2016
SANS ICS Security Survey Report 2016
Derek Harp
S4xJapan Closing Keynote
S4xJapan Closing Keynote
Digital Bond
Protecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber Attacks
Maurice Dawson
Samsung beyond basic android online 0
Samsung beyond basic android online 0
Javier Gonzalez
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
iQHub
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
iQHub
Mais conteúdo relacionado
Mais procurados
Guide scada and_industrial_control_systems_security
Guide scada and_industrial_control_systems_security
Deepakraj Sahu
Unidirectional Network Architectures
Unidirectional Network Architectures
EnergySec
Stuxnet
Stuxnet
Symantec
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
PECB
Mission Critical Security in a Post-Stuxnet World Part 2
Mission Critical Security in a Post-Stuxnet World Part 2
Byres Security Inc.
White paper scada (2)
White paper scada (2)
Ivan Carmona
RSAC 2021 Spelunking Through the Steps of a Control System Hack
RSAC 2021 Spelunking Through the Steps of a Control System Hack
Dan Gunter
Implementing ID Governance in Complex Environments-HyTrust & CA Technologies
Implementing ID Governance in Complex Environments-HyTrust & CA Technologies
HyTrust
CSIRS ICS BCS 2.2
CSIRS ICS BCS 2.2
David Spinks
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
Eran Goldstein
Unidirectional Security, Andrew Ginter of Waterfall Security
Unidirectional Security, Andrew Ginter of Waterfall Security
Digital Bond
Monitoring ICS Communications
Monitoring ICS Communications
Digital Bond
Sb fortinet-nozomi
Sb fortinet-nozomi
Ivan Carmona
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
FFRI, Inc.
Stuxnet
Stuxnet
shiva_sathish
SCADA Security Presentation
SCADA Security Presentation
Filip Maertens
SANS ICS Security Survey Report 2016
SANS ICS Security Survey Report 2016
Derek Harp
S4xJapan Closing Keynote
S4xJapan Closing Keynote
Digital Bond
Protecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber Attacks
Maurice Dawson
Samsung beyond basic android online 0
Samsung beyond basic android online 0
Javier Gonzalez
Mais procurados
(20)
Guide scada and_industrial_control_systems_security
Guide scada and_industrial_control_systems_security
Unidirectional Network Architectures
Unidirectional Network Architectures
Stuxnet
Stuxnet
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Mission Critical Security in a Post-Stuxnet World Part 2
Mission Critical Security in a Post-Stuxnet World Part 2
White paper scada (2)
White paper scada (2)
RSAC 2021 Spelunking Through the Steps of a Control System Hack
RSAC 2021 Spelunking Through the Steps of a Control System Hack
Implementing ID Governance in Complex Environments-HyTrust & CA Technologies
Implementing ID Governance in Complex Environments-HyTrust & CA Technologies
CSIRS ICS BCS 2.2
CSIRS ICS BCS 2.2
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
Unidirectional Security, Andrew Ginter of Waterfall Security
Unidirectional Security, Andrew Ginter of Waterfall Security
Monitoring ICS Communications
Monitoring ICS Communications
Sb fortinet-nozomi
Sb fortinet-nozomi
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
Stuxnet
Stuxnet
SCADA Security Presentation
SCADA Security Presentation
SANS ICS Security Survey Report 2016
SANS ICS Security Survey Report 2016
S4xJapan Closing Keynote
S4xJapan Closing Keynote
Protecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber Attacks
Samsung beyond basic android online 0
Samsung beyond basic android online 0
Semelhante a [CLASS2014] Palestra Técnica - Franzvitor Fiorim
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
iQHub
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
iQHub
[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin Rodillas
TI Safe
Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18
Nozomi Networks
Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...
Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...
Honeywell
CLASS 2016 - Palestra José Antunes
CLASS 2016 - Palestra José Antunes
TI Safe
Securing SCADA
Securing SCADA
Jeffrey Wang , P.Eng
chile-2015 (2)
chile-2015 (2)
Massimiliano Falcinelli
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
mike parks
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
SecPod Technologies
Ryan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com - IoT Security
Ryan Wilson
Cybersecurity for Field IIoT Networks
Cybersecurity for Field IIoT Networks
Yokogawa1
How Security can be stronger than a Firewall: 13 different ways breaking thro...
How Security can be stronger than a Firewall: 13 different ways breaking thro...
Community Protection Forum
[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr
TI Safe
IoT Security Challenges and Solutions
IoT Security Challenges and Solutions
Intel® Software
Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices
IJECEIAES
Cybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond Compliance
EnergySec
[CLASS 2014] Palestra Técnica - Michael Firstenberg
[CLASS 2014] Palestra Técnica - Michael Firstenberg
TI Safe
Three Networks, Different Risks - IT, OT and Engineering
Three Networks, Different Risks - IT, OT and Engineering
Waterfall Security Solutions
ICS case studies v2
ICS case studies v2
Nguyen Binh
Semelhante a [CLASS2014] Palestra Técnica - Franzvitor Fiorim
(20)
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin Rodillas
Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18
Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...
Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...
CLASS 2016 - Palestra José Antunes
CLASS 2016 - Palestra José Antunes
Securing SCADA
Securing SCADA
chile-2015 (2)
chile-2015 (2)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
Ryan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com - IoT Security
Cybersecurity for Field IIoT Networks
Cybersecurity for Field IIoT Networks
How Security can be stronger than a Firewall: 13 different ways breaking thro...
How Security can be stronger than a Firewall: 13 different ways breaking thro...
[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr
IoT Security Challenges and Solutions
IoT Security Challenges and Solutions
Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices
Cybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond Compliance
[CLASS 2014] Palestra Técnica - Michael Firstenberg
[CLASS 2014] Palestra Técnica - Michael Firstenberg
Three Networks, Different Risks - IT, OT and Engineering
Three Networks, Different Risks - IT, OT and Engineering
ICS case studies v2
ICS case studies v2
Mais de TI Safe
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
TI Safe
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
TI Safe
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
TI Safe
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
TI Safe
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
TI Safe
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
TI Safe
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
TI Safe
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
TI Safe
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
TI Safe
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
TI Safe
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
TI Safe
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
TI Safe
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
TI Safe
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
TI Safe
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
TI Safe
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
TI Safe
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
TI Safe
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
TI Safe
Retrospectiva
Retrospectiva
TI Safe
Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1
TI Safe
Mais de TI Safe
(20)
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
Retrospectiva
Retrospectiva
Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1
Último
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
Florian Wilhelm
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
Mark Billinghurst
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
Kalema Edgar
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
Slibray Presentation
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
Addepto
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
Hervé Boutemy
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
Fwdays
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
The Digital Insurer
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
ScyllaDB
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
Fwdays
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
NavinnSomaal
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
Rizwan Syed
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
Padma Pradeep
Training state-of-the-art general text embedding
Training state-of-the-art general text embedding
Zilliz
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
BookNet Canada
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
hariprasad279825
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
charlottematthew16
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
Miki Katsuragi
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
Sergiu Bodiu
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
Memoori
Último
(20)
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
Training state-of-the-art general text embedding
Training state-of-the-art general text embedding
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
[CLASS2014] Palestra Técnica - Franzvitor Fiorim
1.
Como se iniciam
os ataques à infraestrutura SCADA? Franzvitor Fiorim Engenheiro de Vendas Franzvitor_fiorim@trendmicro.com CopCyroigphyrt ig©h 2t 0©1 240 T1r4e nTdre Mnidc rMo icInroco Irnpcoorraptoerda.t Aedll .r Aiglhl rtsig rhetse rrevseedr.v ed. 1
2.
Cyberwar on your
network • 2 new threat each second 1 • 1 cyber-intrusion each 5 minutes 2 • 67 % of infrastructure can’t block a custom & targeted attack 3 • 55 % of companies didn’t detected the breach 1 More frequent More targeted More money More sophiticated Source : 1: Trend Micro, 2 : US-Cert 2012, 3 : Ponemom Institute 2012 Copyright © 2014 Trend Micro Incorporated. All rights reserved. 2
3.
Security by signature
is not enough 3 Copyright © 2014 Trend Micro Incorporated. All rights reserved. 3 Crypted RAT Basic malware Phishing Exploitation tools Malicious website Common vulnerabilities Discovery tools SWG NG FW Document exploit Obfuscated 0-Day Javascript Polymorphic payload Watering Hole Attack Spear Phishing C&C communications IPS AV
4.
Ataque: Social, Sofisticado,
Silencioso Atacam indivíduos utilizando engenharia social Funcionários Atacantes Copyright © 2014 Trend Micro Incorporated. All rights reserved. 4 Extrai dados de interesse – pode não ser detectado por meses! $$$$ Move lateralmente na rede procurando dados valiosos Coletam inteligência sobre organizações e indivíduos Copyright 2014 Trend Micro Inc. Estabelece link com o Command & Control server
5.
Advanced Persistent Threats
Nem sempre os componentes são maliciosos; O foco é ser evasivo; Controlado por um humano; Múltiplos vetores de ataque; Ataque contínuo, repetitivo; Atacantes são pacientes; Exploram brechas do sistema; Exploram brechas de segurança; Com recursos suficientes para ter êxito no ataque. 11/13/20 Copyright © 2014 Trend Confidential | Micro Incorporated. All Copyright rights reserved. 5 5
6.
Riscos de Segurança
a Sistemas ICS (Industrial Control System ) Copyright © 2014 Trend Micro Incorporated. All rights reserved. 6
7.
Casos de Incidentes
de Segurança Industrial Facility Water Treating Plant Railway Traffic Control System Car Factory Steel Plant Chemical Plant 13 production line stopped/ $14M loss Zotob virus Carry-on PC or Office network Source: IPA, http://www.ipa.go.jp/security/fy20/reports/ics-sec/rep_main_fy20.pdf IPA, http://www.ipa.go.jp/security/fy21/reports/scada/documents/scada_report.pdf The Security Incidents Organization, http://www.securityincidents.org JPCERT,http://www.jpcert.or.jp/ics/2011/20110210-oguma.pdf Steam turbine control system stopped DOWNAD/Conficker virus unknown Copyright © 2014 Trend Micro Incorporated. All rights reserved. 7 8 hours of monitoring incapability PE_SALITY virus unknown Centrifugal separator crash (according to multiple reports) Stuxnet virus USB flash or office network Loss of control for 3 months (1ML of polluted water emission) Unauthorized access Wireless link Shutdown of train service in the morning during rush hour Blaster virus unknown Impact Cause Path Impact Cause Path *Pictures above is not related to the contents
8.
Tendência crescente de
Incidentes de Segurança The number of incidents across critical infrastructure sectors, ICS-CERT responded, is increasing year after year. Most recently 257 incidents are reported. A big increase from 197 in 2012 39 140 Source: ICS-CERT Year in Review 2012 and 2013 http://ics-cert.us-cert.gov/Other-Reports 300 250 200 150 100 50 Copyright © 2014 Trend Micro Incorporated. All rights reserved. 8 197 257 0 FY2010 FY2011 FY2012 FY2013
9.
Direção do ICS
:Toward Open and Collapse of the myth of safety Past Item Present Closed environment Physically closed Environment *1 *2 Copyright © 2014 Trend Micro Incorporated. All rights reserved. 9 Toward open environment Connection with external N/W, using USB flash drive Specialized OS/Application Specialized protocol Technology General OS / Application Standard protocol (EtherNet/IP, PROFINET, CC-Link IE, etc) Seldom Incident case Increasing trend (STUXNET) OS External media usage Source: *1,2 : METI http://www.meti.go.jp/committee/kenkyukai/shoujo/cyber_security/001_06_01.pdf
10.
Attack Case Against
Honeypot CCCCoooonnnnffffiiiirrrrmmmmeeeedddd 77774444 aaaattttttttaaaacccckkkkssss aaaaggggaaaaiiiinnnnsssstttt HHHHoooonnnneeeeyyyyppppooootttt mmmmooooddddiiiiffffiiiiccccaaaattttiiiioooonnnn aaaatttttttteeeemmmmpppptttt wwwwaaaatttteeeerrrr tttteeeemmmmppppeeeerrrraaaattttuuuurrrreeee aaaannnndddd ppppuuuummmmpppp pppprrrreeeessssssssuuuurrrreeee,,,, ppppuuuummmmpppp sssshhhhuuuuttttddddoooowwwwnnnn,,,, eeeettttcccc………… OOOOVVVVEEEERRRRVVVVIIIIEEEEWWWW:::: Develop honeypot of water supply system and deploy on the internet to catch attacks against ICS. SSSSuuuurrrrvvvveeeeiiiillllllllaaaannnncccceeee PPPPeeeerrrriiiioooodddd:::: Mar. – Jun. 2013 HHHHoooonnnneeeeyyyyppppooootttt ddddeeeeppppllllooooyyyyeeeedddd ppppllllaaaacccceeee:: 8 Countries, 12 Places HHHHoooonnnneeeeyyyyppppooootttt SSSSaaaammmmpppplllleeee WWWWeeeebbbb PPPPaaaaggggeeee:::: Source: http://apac.trendmicro.com/cloud-content/apac/pdfs/security-intelligence/white-papers/ wp-the-scada-that-didnt-cry-wolf.pdf Copyright © 2014 Trend Micro Incorporated. All rights reserved. 10
11.
Attack Case Against
Honeypot Copyright © 2014 Trend Micro Incorporated. All rights reserved. 11
12.
Background of Incidents
Copyright © 2014 Trend Micro Incorporated. All rights reserved. 12
13.
Increasing Trend of
ICS Related Vulnerability Information Severity Level III (Danger : System Hijack) Level II (Alert : System Stop) Level I (Notice:Partial Damage) 2008 2009 2010 2011 2012 2013 200 180 160 140 120 100 80 60 40 20 0 Level III 6 6 14 64 97 80 Level II 2 4 3 28 74 49 Level I 4 1 3 2 Source: http://www.ipa.go.jp/files/000036346.pdf Copyright © 2014 Trend Micro Incorporated. All rights reserved. 13
14.
Malware Infection through
USB Flash Drive Malware infection risk surely exists even though it’s in closed environment Top 3 Malware by Segment, 2013 Has capability of infection through USB flash drive Source: TrendLabsSM 2013 Annual Security Roundup, http://apac.trendmicro.com/cloud-content/apac/pdfs/security-intelligence/reports/rpt-cashing-in-on-digital-information.pdf Copyright © 2014 Trend Micro Incorporated. All rights reserved. 14
15.
Connected Devices is
Easily Detected Copyright © 2014 Trend Micro Incorporated. All rights reserved. 15 Modbus/TCP to RTU Bridge Serial Number ******** MAC address *********** Software version 01.8b3 (031021) Press Enter to go into Setup Mode
16.
Sandworm (CVE-2014-4114) Copyright
© 2014 Trend Micro Incorporated. All rights reserved. 16
17.
Special Characteristics and
Security Requirements of ICS Copyright © 2014 Trend Micro Incorporated. All rights reserved. 17
18.
IIIICCCCSSSS vvvvssss IIIICCCCTTTT
Control System Security Requirement Information System A.I.C(Availability) Priority for Security C.I.A 24x365 stable running (No reboot permitted) Availability *C(Confidentiality:), I(Integrity), A(Availability) Source:IPA, Survey about ICS of Critical Infrastructure and IT Service Continuity , Sep, 2009 Copyright © 2014 Trend Micro Incorporated. All rights reserved. 18 Basically during working time (Reboot is acceptable) Worst case, Damage generally becomes serious Result of incident Pecuniary loss Privacy damage 10 - 20 years Operating term 3-5 years Real time response Data processing speed Less impact for Delay response Irregular by each control system vendor, Quite long term (once a 1~4years) Cycle for release patch and applying Often and Regularly Field Technical dept. Operation management Information System dept. Threats become reality and occurs incident. Conscious about security Already measured basically. Discussing with Country level Security standard Already established Stuff(Facility, Product) Service(continuous running) Object for security Information Industrial control systems are systems with special characteristics that are very different to Information Systems
19.
IIIICCCCSSSS vvvvssss IIIICCCCTTTT
ICS • Correct commands issued (Integrity) • Limit interruptions (Availability) • Protect the data (Confidentiality) Copyright © 2014 Trend Micro Incorporated. All rights reserved. 19 IT • Protect the data (Confidentiality) • Correct commands issued (Integrity) • Limit interruptions (Availability)
20.
Countermeasure points in
ICS Plant 4 4 Copyright © 2014 Trend Micro Incorporated. All rights reserved. 20 Plant DMZ Relay/terminal Server EWS HMI ② Network ③ Server (plant DMZ) ④ Client/Server (Control information N/W) ⑤ Client/Server: (Control N/W) ⑥ External storage media Internet PLC/DCS ICS Vendors System integrators Office PC Office PC Field bus Historian Maintenance OPC Server Maintenance service Control information network Operation PC MES Control network 5 5 5 5 6 6 3 1 2 2 2 7 Countermeasure points ① Gateway 1 1 ⑦ PCs brought to work Office network
21.
FFFFuuuunnnnddddaaaammmmeeeennnnttttaaaallll IIIICCCCSSSS SSSSeeeeccccuuuurrrriiiittttyyyy
RRRReeeeqqqquuuuiiiirrrreeeemmmmeeeennnnttttssss ((((eeee....gggg....)))) ①② Gateway/ Network Server/Client PC • Create network segment based on risk level as zone • Block unauthorized access and malicious code Copyright © 2014 Trend Micro Incorporated. All rights reserved. 21 ⑥⑦ External Device/PC ③ Plant DMZ ④ Control Information Network ⑤ Control Network TMUSB • No change system • Scan and clean with latest pattern file even in closed network • Prohibit unauthorized external device • Scan external device with latest pattern before/after connect with ICS Prevention Detection Cleanup Mission-Critical Specific Purpose Non Mission-Critical General Purpose • No stop system in update or recovery time frequently. • Secure the system even in closed network • Secure the system that cannot patched regularly • Keep minimum impact on system performance • Offer easy installation/operation for non IT persons • Secure the system that have system change frequently • Secure the system that exchange applications and documents from outside of plant • Secure the system that is accessed by unauthorized devices • Monitor and control data transaction at zone boundaries N/A
22.
Copyright © 2013
Trend Micro Incorporated. All rights reserved. 22
23.
Materiais de Apoio
11/13/2014 Confidential | Copyright 2014 Trend Micro Inc. Copyright © 2014 Trend Micro Incorporated. All rights reserved. 23
24.
Raio-X APT: Ferramentas
de ataque Nome Fases Típicas - Uso Description GETMAIL Extração Typically used to ascertain mail archives and mail out of those archives. Netbox Ataque, Extração, Persistência Copyright © 2014 Trend Micro Incorporated. All rights reserved. 24 For hosting tools/drop servers/ C2 servers. Commonly used as infrastructure on the backend to support operational tasks. (Netbox also has valid uses, and is not a direct indicator of compromise) Pwdump Movimento Lateral Dumps password hashes from the Windows registry. Typically used to crack passwords for lateral movement throughout the victim environment. It can also be used in pass-the-hash attacks. Cachedump Movimento Lateral A program for extracting cached password hashes from a system’s registry. Typically used to crack passwords for lateral movement throughout the victim environment. It can also be used in pass-the-hash attacks. Lslsass Persistência, Movimento Lateral Dumps active login session password hashes from windows processes. It is used to crack passwords for lateral movement throughout the victim environment. It can also be used in pass-the-hash attacks. mapiget Persistência, Movimento Lateral This is for collecting emails directly from Outlook, prior to ever getting archived. It is then dumped to text files. HTRAN Ataque, Extração, Persistência Connection bouncer, redirects TCP traffic destinted for one host to an alternate host. It is also used to help obfuscate source IP of an attacker. It allows the attacker to bounce through several connections in the victim country, confusing incident responders. Windows Credential Editor (WCE) Persistência, Movimento Lateral A security tool that allows to list logon sessions and add, change, list and delete associated credentials Lz77.exe Extração It is used as a compression application to help exfiltrate data. This is commonly seen in Winrar, 7zip, and Winzip. Gsecdump Movimento Lateral Grabs SAM file, cached credentials, and LSA secrets. Used for lateral movement in victim environment and pass-the-hash style attacks. ZXProxy (A.K.A AProxy) Extração, Persistência Proxy functionality for traffic redirection. This helps redirect HTTP/HTTPS connections for source obfuscation. We have seen it used in data exfiltration. LSB-Steganography Comprometimento Inicial, Extração Uses steganography techniques to embed files into images. This helps with data exfiltration as well as during the initial compromise of a traditional APT attack. UPX Shell Ataque, Persistência Used to help pack code for malware used in APT campaigns. This tool helps prevent reverse engineering and code analysis. ZXPortMap Extração, Persistência Traffic redirection tool, which helps to obfuscate the source of connections. ZXHttpServer Extração Small HTTP server that is deployable and extremely flexible. We have seen it used when attempting transfer of some files. Sdelete Persistência, Cobertura Secure deletion tool. Allows for secure deletion to make forensic recovery difficult-therefore complicating incident response procedures. Dbgview Persistência, Movimento Lateral An application that lets you monitor debug output on your local system, or any computer on the network that you can reach via TCP/IP http://blog.trendmicro.com/trendlabs-security-intelligence/in-depth-look-apt-attack-tools-of-the-trade/
Baixar agora