control systems and cyber security 2600 meeting june 6,2014
DESCRIPTION
Control Systems And Cyber Security 2600 Meeting June 6,2014. Michael Toecker. Mikhail Turcher , big fanci pantsie. Cyber Security Overview. Module 1. Ooooh … Cybah Cybah Cybah Overfuncher !. Basics. Control Systems are computing systems that monitor and control physical processes - PowerPoint PPT PresentationTRANSCRIPT
CONTROL SYSTEMSAND CYBER SECURITY
2600 MEETING JUNE 6,2014M I C H A E L T O E C K E R
Mikhail Turcher, big fanci pantsie
CYBER
SECURITY OVERVIEW
M O D U L E 1
Ooooh… Cybah Cybah Cybah Overfuncher!
BASICSControl Systems are computing systems that monitor and
control physical processes
We’re talking powerplants, locomotives, water treatment, building operations, and stuff like that
Uses things called Programmable Logic Controllers, Remote Terminal Units take in signals from things like pumps, valves, motors, etc
Basi….. Sknnnnzzzz….
Electro-Mechanical Logic
Pneumatic Logic
Programmable Logic
Distributed ControlSystem
Evolution of Control Systems
Dis presentation needs more goats
HUMAN INTERACTIONTHEN AND NOW
Buttons, Levers, Paper Trend Plotters, Annunciators, all linked to Relays and Actuators through
Electronic or Pneumatic Communications utilizing
Relay/Ladder Logic
Computer Systems and Displays, linked to Digital
Process Controllers through High Speed Ethernet Based
networks utilizing Field Programmable Gate Array and
Function Block Logic
I tells him to Pressy the butensies!! Press them!!! He does not.
CYBER SECURITYThe problem is, use of normal IT stuff has
caused Control Systems to inherit the same vulnerabilities of those IT systems…
Ever been hacked? How did that affect your computer? Other computers you own?
Imagine being the computer that runs the Chemical Plant down the road.
I be doin the hackring.. Hackring and slashring in Skyrim… MY KNEE!!
BUT….
Computation evolved into Networked systems
Prioritized the fast, efficient, and easy sharing of data
Control Systems and Information Systems were easily connected together, up to and including the Internet
Vulnerabilities in these Systems allows Malicious Individuals to Access and Disrupt operations
Coding Practices assumed good behavior, but did not enforce it.
Networked Systems allowed access from remote locations, or over the Internet
The I
ntroducti
on of
Computers a
lso Brou
ght the
Vulnerabilit
y of t
he Infor
mation
Age
Heh. Goatsies.
WE APOLO
GIZE FOR TH
E
FAULT IN TH
E SUBTITLES..
T H O S E RE S P O N S I B
L E HAV E B
E E N SA C K E D
NOTABLE CYBER
EVEN
TS
Government Developed Computer Virus
Designed to disrupt the Iranian nuclear enrichment process at Natanz
Three Modes of Operation Windows Based, designed to infect
Windows systems Siemens Simatic, designed to subvert
communications between the PLC and Simatic Applications
Siemens S7 PLC Based, designed to run equipment outside of operating envelope, and conceal operating parameters from operators.
Stuxnet
is the P
rime E
xample
of a C
yber
Securit
y issu
e
affec
ting Con
trol S
ystem
s
TARGETED IRAN’S NATANZENRICHMENT FACILITY
Control Systems
Mahmoud Ahmadinejad
INFECTED PLCS BROKE CENTRIFUGES
This Runs These
Also Mahmoud Ahmadinejad
STUXNET’S GOALReduce the capability of the Iranian Government to produce
Nuclear materials It Damaged Systems It reduced quality of the product Destroyed Centrifuges
Hid itself from the operatorsPersonally, I have great sympathy for the Iranian Engineers…. I’d hate to have to go to my boss, repeatedly, and tell him my system
was f*cked up, not matter what I was doing to fix it.
This is Enriched Uranium
DANCING MONKEYS….
Super Secret Easter Egg in Siemens PLCs, Used at Natanz
found
by Dillon Beresford
IT DOESN’T HAVE TO BE STATE SPONSORED THOUGH
DIGITAL BOND’S PROJECT BASECAMP
Intended to focus attention on vulnerabilities in control system devices, to get vendors to change how insecure their devices actually were.
Full Disclosure: I work for Digital Bond
THREATPOST, 2011
Hacker pr0f gained access to, and posted pictures of the South Houston water Treatment plant.
CONCLUSIONS Control Systems run Industrial StuffThey use normal IT componentsThey don’t spend much time on security, if anyGovernments have used control systems to do bad things to
other governmentsYou can find these things on the Internet…. Bad guys can exploit this stuff over the internet.