[CLASS 2014] Technical Talk - Samuel Linares
1. Linking Critical Infrastructure Protection and Industrial Cybersecurity: Is there a Cyber-Tsunami in waiting?
Samuel Linares
Director, Industrial Cybersecurity Center (CCI)
4. 1957 Andreanof Islands Earthquake, Mw 9.1
1960 Chile Great Earthquake, Mw 9.5
Earthquake Research Institute, University of Tokyo
1964 Alaska Earthquake, Mw 9.2
1952 Kamchatka Earthquake, Mw 9.0
2011 East Japan Great Earthquake, Mw 9.0
2004 Indian Ocean Earthquake, Mw 9.0
2010 Chile Earthquake, Mw 8.8
7. Physical & Cyber Worlds Convergence
Consequences: Intangible
Web Portal unavailable
No email
Consequences: Tangible, Concrete
Production Losses
Environmental Damages
Public Health
Lower Company Valuation
9. IT in the Industrial World
Industrial Control Systems are NOT isolated anymore.
They have moved from using dedicated serial lines to Ethernet or WiFi.
Now, most industrial protocols are running over TCP/IP.
Industrial Control Systems use general purpose operating systems.
Industrial devices have inherited all problems from IT.
11. Plant vs IT vs Security
Plant / IT Conflict:
– “Watertight” environments. “Don’t get into my lot, and I won’t get into yours”
– Attention is not paid to communication interfaces between both worlds
– Connection interfaces are no man’s land, and many times, unknown (others WWW… Wild Wild West ☺)
18. Project Robus: Master Serial Killer
• Objective: Analysis of Implementation of Industrial Protocols (First: DNP3)
• DNP3: 15 advisories, 28 tickets reported
• Fuzzing techniques
• All analyzed devices vulnerable: only 2 OK!
• Implementations are limited to guaranteeing functionality, but not security
• Hundreds of thousands of vulnerable devices: many of them connected to the Internet
25. Shodan (www.shodanhq.com)
• Internet search engine that indexes the responses of internet-connected services (FTP, SSH, Telnet, HTTP, HTTPS, SNMP, uPNP, SMB…)
• Provides access to millions of Internet-connected devices
29. Project SHINE
SHodan INtelligence Extraction
Internet-facing Industrial Systems: +2.000.000
Located in United States: 30%
ISP’s Dynamic Addresses: 80%
36.
• ONLY attacks that were targeted
• ONLY attempted modification of pump system
• ONLY attempted modification via Modbus/DNP3
• DoS/DDoS were considered attacks
Kyle Wilhoit (Trend Micro)