With so many statistics when it comes to cyber security, which ones matter the most? Are one set more important than another? This presentation was delivered during Hannover Messe 2016.
08448380779 Call Girls In Civil Lines Women Seeking Men
Cyber resilience threat industrial systems
1. Cyber resilience – What’s in a number?
The real threat to industrial control systems today
Confidential Property of Schneider Electric
Jay Abdallah | CISSP, CISM, CISA
Director – EMEA Cyber Security Services
2. Page 2Confidential Property of Schneider Electric |
1 The current threat landscape
2 Statistics
3
Schneider Electric’s commitment
to security
4
Train-ride surprise – the importance of
security awareness
Agenda
3. The current threat landscape
Page 3Confidential Property of Schneider Electric |
4. Page 4Confidential Property of Schneider Electric |
The danger of malware
390,000 new infections per day
AV-Test.org Jan 2016
0
20 000 000
40 000 000
60 000 000
80 000 000
100 000 000
120 000 000
140 000 000
160 000 000
2012 2013 2014 2015 2016*
5. Page 5Confidential Property of Schneider Electric |
Recent industrial cyber incidents
German steel millUkraine power gridUSA water dam
7. Page 7Confidential Property of Schneider Electric |
Attacks targeted towards
German industrial systems
• 1 in every 7 registered security attacks in Q4, 2015, came from Germany
• Germany ranked #2 globally in critical infrastructure targets
• Critical infrastructure infections from Germany have doubled every year since 2012
• 78% of malicious software installation attempts from Germany in 2015 were successful
8. Page 8Confidential Property of Schneider Electric |
German cyber attack sequence
Source: TFOT 2015
56,3%
Cyber crime
20%
Hacktivism
16,1%
Cyber espionage
7,6%
Cyber war
9. Page 9Confidential Property of Schneider Electric |
• With so many statistics, which ones matter
the most? Are one set more important
than another?
• How reliable is our source TFOT?
Data reliability
• The previous slides about Germany
contained false statistics from a fake source
• Did you notice?
10. Page 10Confidential Property of Schneider Electric |
How do we identify and manage our
biggest vulnerabilities?
Where is the weak link?
12. More than just IT security
Critical infrastructure systems require high reliability and uptime:
• Need 99.999% or greater uptime
• Critical performance
• Fast reaction time
Page 12Confidential Property of Schneider Electric |
Confidentiality
Integrity
Availability
Availability
Integrity
Confidentiality
IT security OT security
OTPRIORITIES
CONTROL SYSTEMS
SECURITY / OT
IT SECURITY
PHYSICAL
SECURITY
13. Page 13Confidential Property of Schneider Electric |
Cyber security at Schneider Electric
Defense in depth
POLICIES, PROCEDURES & AWARENESS
PERIMETER
INTERNAL NETWORK
HOST
APPLICATION
DATA
PHYSICAL SECURITY
14. Page 14Confidential Property of Schneider Electric |
Cyber security at Schneider Electric
Specialized industrial security services – our offers
• Cyber security training
• Cyber security control design & implementation
• Cyber security consulting
• Cyber security maintenance services
15. Train ride surprise – the importance of security awareness
London, United Kingdom
Page 15Confidential Property of Schneider Electric |
16.
17. Page 17Confidential Property of Schneider Electric |
Train ride surprise
• On a phone call, with no line disturbance
• Perfectly clear, normal conversation:
• “Enjoy the train ride along the
English countryside”
• “Are you coming home tonight?”
• “Be sure to order a nice hot cup of tea”
• “I’m sure it’s much colder there than it is here”
• Begins acting strangely after five minutes
– seems incoherent.
• When I ask the her what she is doing, she
doesn’t answer and instead says one of the
above statements randomly
• Answers yes or no questions flawlessly
• Responds to other questions with one of the
above random statements
18.
19.
20. Page 20Confidential Property of Schneider Electric |
What happened?
• Technical malfunction causing me to hear
recorded sayings?
• What about coherent responses?
• Why is my conversation being recorded?
• Scrambler device?
• Not sophisticated enough for real-time responses
• 212 area code is in Manhattan, New York.
When called, I get a strange error.
• Recorded sentences used as fillers or common
talk to encourage me to lead the discussion
(and possibly say something incriminating)
• Stealth listening
• Similar to behavior of advanced malware,
spyware, and Trojans
21. Page 21Confidential Property of Schneider Electric |
Who is behind this?
• MI6 (UK)
• Unknown body
It is likely, however, we do not and will
not ever know who is really behind most
cyber attacks.
• CIA and NSA (USA)
• FSB (Russia)
22. Page 22Confidential Property of Schneider Electric |
Moral of the story
• Appreciation of privacy and confidentiality
• Importance of security awareness
• Always be alert, Big Brother is always
listening
• It is unsettling the first time it happens to
you …
• … but it is likely not to be the first time, it’s
just the first time you have noticed