attack simulations of viable cities smart facilities
play

Attack simulations of viable cities (smart facilities) Associate - PowerPoint PPT Presentation

Apr 29, 2023 •9 likes •309 views

Attack simulations of viable cities (smart facilities) Associate prof. Robert Lagerstrm KTH Royal Institute of Technology Sustainable cities, energy, transportation, Digital solutions will drive progress towards the sustainable

  1. Attack simulations of viable cities (smart facilities) Associate prof. Robert Lagerström KTH Royal Institute of Technology

  2. Sustainable cities, energy, transportation, …

  3. Digital solutions will drive progress towards the sustainable development goals

  4. Cyber threats

  6. How come this happens over and over again?

  7. Complexity in a software

  8. Complexity in an Organization

  9. Complexity in smart cities

  10. Ukraine Power Grid

  11. “We want to be seen, and we want to send you a message” Spear phishing Exploring and collecting Malicious firmware TDOS Malware (KillDisk)

  12. Smart facilities Advanced attacks not needed New IoT devices often lack basic security features!

  13. Penetration testing https://www.svt.se/nyheter/vetenskap/har-hackas- elsparkcykeln-av-kth-studenten

  14. Recently found vulnerabilities in IoT (by KTH students) Aldin Burdzovic, Jonathan Matsson, Pontus Johnson, and Robert Lagerström, CVE-2019-12941, AutoPi Wi-Fi/ NB and 4G/LTE devices allows an attacker to perform a brute-force attack or dictionary attack to gain access to the WiFi network, which provides root access to the device. Arvid Viderberg, Pontus Johnson, and Robert Lagerström, CVE-2019-12944, Glue Smart Lock 2.7.8 devices do not properly block guest access in certain situations where the network connection is unavailable. Arvid Viderberg, Pontus Johnson, and Robert Lagerström, CVE-2019-12943, Insecure permission, password reset function, in TTLock Open Platform. Arvid Viderberg, Pontus Johnson, and Robert Lagerström, CVE-2019-12942, Insecure permission, account revocation mechanism, in TTLock Open Platform. Theodor Olsson, Albin Larsson Forsberg, Pontus Johnson, and Robert Lagerström, CVE-2019-12821, Vulnerability in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while adding a device to the account using a QR-code. Theodor Olsson, Albin Larsson Forsberg, Pontus Johnson, and Robert Lagerström, CVE-2019-12820, Vulnerability in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, possible MiTM attack on http. Ludvig Christensen, Daniel Dannberg, Pontus Johnson, and Robert Lagerström, CVE-2019-12797, Vulnerability in a clone version of an ELM327 OBD2 Bluetooth device, hardcoded PIN leading to arbitrary commands to an OBD-II bus of a vehicle.

  15. National Vulnerability Database

  16. Google Chrome vulnerabilities - known

  17. IoT honeypot experiment

  18. Automatic Quantitative Data-driven Attack Simulations

  19. CAD & SIMULATIONS HAVE REVOLUTIONIZED OTHER ENGINEERING FIELDS Computer Aided Design (CAD) Computer aided design and quantitative simulations have revolutionized engineering. Could you imagine building today’s fighter jets without CAD and simulation software? Would you fly with an airplane where the risks are identified, prioritized and tracked by subjective and qualitative measures?

  20. The concept of threat modeling lets you simulate attacks on small and abstract Models created manually, like our Web Server Component , as well as large enterprise-wide Models with thousands of Objects that are automatically generated based on existing data sources. Once a Model in created, all that remains is the assignment of high value assets, with an expected Cost of loss and an entry point for the Attacker . Based on the simulation data and Based on the threat model the most Various attack scenarios can be simulated by attack paths, reports on risk exposure, probable attack paths from the Attacker’s placing the Attacker on e.g., the Internet, as an critical weaknesses and expected loss entry point (red) to the high value assets in Insider etc. can be created. the model (blue) can be generate and visualize automatically. Furthermore, the simulations will have no Security controls that can lower the impact on availability or have any active The Attacker will take the path of least risk exposure can also be suggested, connection to the actual systems. resistance based on the built in statistics as which can be applied and evaluated well as the status of the Objects’ Defenses. against the expected cost.

  21. Attack simulations

  22. Attack simulations Let’s assume that our most valued asset is our house and that we are worried someone might break in. As far as we now, there are two possible ways in, through the window or through the door. BREAK INTO HOUSE OR BREAK IN THROUGH WINDOW BREAK IN THROUGH DOOR

  23. To break in through the door, the attacker will have to have access to the door AND bypass the door. How easy or hard that is for the attacker depends on the parameters of the door and the fence BREAK INTO HOUSE OR BREAK IN THROUGH WINDOW BREAK IN THROUGH DOOR • Door material AND • Lock quality ACCESS TO DOOR BYPASS DOOR OR OR • Barb wire USE KEY PICK LOCK BYPASS FENCE • Fence hight USE TOOL

  24. Depending on the parameters of e.g. the door, it will be tougher or easier* to bypass the door with different types of attacks. In the simulation, we sample these values and provide Time-to-compromise (TTC) distribution(s) to reach high value assets. BREAK INTO HOUSE TTC is the success rate of an attack over time i.e. the more time the attacker gets to spend trying, % the more likely he/she will be succeeding. time BREAK INTO HOUSE OR BYPASS DOOR Lock Door TTC BREAK IN THROUGH WINDOW BREAK IN THROUGH DOOR Quality Material Poor Poor 4 AND Good Poor 25 … … … ACCESS TO DOOR BYPASS DOOR OR OR BYPASS FENCE USE KEY PICK LOCK BYPASS FENCE Heigh USE Barb Wire TTC t TOOL 0 False 0 0 True 0 2 True 3 … … …

  25. The attacker might also exploit some unknown BREAK INTO HOUSE vulnerability or “zero- day”. Here exemplified JUMP DOWN as squeeze down the CHIMNEY % chimney. time BREAK INTO HOUSE OR BREAK IN THROUGH WINDOW BREAK IN THROUGH DOOR If there is data available about specific AND products and their vulnerabilities, this can be inserted into the tool. ACCESS TO DOOR BYPASS DOOR In this example, we know that Bob delivers terrible fences. OR BYPASS FENCE USE KEY PICK LOCK BYPASS FENCE Heigh USE Barb Wire TTC t BOB’S RUSTY CHAIN LINK TOOL 0 False 0 → STEAL SPARE 0 True 0 KEY 2 True 3 … … … BREAK INTO NEIGHBOUR’S HOUSE Looking at our security situation from a broader picture lets us capture structural vulnerabilities as well. In the example, the attacker might exploit a big hole in our neighbors house to steal our spare key.

  26. Goals with VASA (Viable cities Attack Simulation & threAt modeling) The main goal is to develop a threat modeling and attack simulation approach specifically designed for smart facilities, a key concept in viable cities. Ethical hacking of smart components will also take place in order to improve the attack simulations.

  27. KTMM (KTH Threat Modeling Method) KTMM consists of five (six) phases. 0) scope & delimitations, 1) business analysis, 2) system definition & decomposition, 3) threat analysis, 4) attack & resilience analysis, and 5) risk assessment & recommendations. Currently tested at JM, Coor, and Stena Fastigheter.

  28. Vanguard

  29. How to participate? Penetration testing / ethical hacking of systems / IoT devices Threat modeling & attack simulations - with KTMM - with Vanguard (for AWS)

  30. Contact robertl@kth.se www.kth.se/profile/robertl www.foreseeti.com

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Trust in the context of smart cities Synchronicity: Privacy by Design Strategy for Smart Cities

Trust in the context of smart cities Synchronicity: Privacy by Design Strategy for Smart Cities

Trust in the context of smart cities Synchronicity: Privacy by Design Strategy for Smart Cities Connected Smart Cities Brussels, January 17, 2019 Dile ilemma & & D Dua ual Stra l Strate tegy gy Priva Privacy R y Risk isks for

518 views • 16 slides
Asuncin Santamara UPM DAY 2: SMART CITIES TABLE 4: IMPLEMENTATION OF THE SMART CITY CONCEPT

Asuncin Santamara UPM DAY 2: SMART CITIES TABLE 4: IMPLEMENTATION OF THE SMART CITY CONCEPT

Asuncin Santamara UPM DAY 2: SMART CITIES TABLE 4: IMPLEMENTATION OF THE SMART CITY CONCEPT INTERNATIONAL SUMMER SCHOOL SMART GRIDS AND SMART CITIES Barcelona, 6-8 June 2017 WHY? To improve visibility To extend the day

482 views • 12 slides
Luca Piovano UPM DAY 2: SMART CITIES TABLE 3: SMART CITY AND URBAN SUSTAINABLE DEVELOPMENT

Luca Piovano UPM DAY 2: SMART CITIES TABLE 3: SMART CITY AND URBAN SUSTAINABLE DEVELOPMENT

Luca Piovano UPM DAY 2: SMART CITIES TABLE 3: SMART CITY AND URBAN SUSTAINABLE DEVELOPMENT INTERNATIONAL SUMMER SCHOOL SMART GRIDS AND SMART CITIES Barcelona, 6-8 June 2017 A bi-dimensional representation of several data types: size of

194 views • 17 slides
Nicolas Verstaevel IRIT DAY 2: SMART CITIES TABLE 4: IMPLEMENTATION OF THE SMART CITY CONCEPT

Nicolas Verstaevel IRIT DAY 2: SMART CITIES TABLE 4: IMPLEMENTATION OF THE SMART CITY CONCEPT

Nicolas Verstaevel IRIT DAY 2: SMART CITIES TABLE 4: IMPLEMENTATION OF THE SMART CITY CONCEPT INTERNATIONAL SUMMER SCHOOL SMART GRIDS AND SMART CITIES Barcelona, 6-8 June 2017 700 members 7 Topics 21 Teams - 4 Strategic axis

604 views • 23 slides
Smart Cities Readiness Workshop and Smart Cities Week in Silicon Valley Update Rob Stalzer,

Smart Cities Readiness Workshop and Smart Cities Week in Silicon Valley Update Rob Stalzer,

Smart Cities Readiness Workshop and Smart Cities Week in Silicon Valley Update Rob Stalzer, Deputy County Executive Eta Davis, Economic Initiatives Coordinator, Office of the County Executive Smart Cities Council Readiness Challenge and

250 views • 5 slides
Andrs Llombart University of Zaragoza (UZ) DAY 2: SMART CITIES TABLE 4: IMPLEMENTATION OF THE

Andrs Llombart University of Zaragoza (UZ) DAY 2: SMART CITIES TABLE 4: IMPLEMENTATION OF THE

Andrs Llombart University of Zaragoza (UZ) DAY 2: SMART CITIES TABLE 4: IMPLEMENTATION OF THE SMART CITY CONCEPT INTERNATIONAL SUMMER SCHOOL SMART GRIDS AND SMART CITIES Barcelona, 6-8 June 2017 A Smart City is one that ensures its

692 views • 11 slides
Smart Cities and Communities Georg Houben DG Energy European Commission Information Day on

Smart Cities and Communities Georg Houben DG Energy European Commission Information Day on

ERRIN Smart Cities Project Development Seminar European Innovation Partnership on Smart Cities and Communities Georg Houben DG Energy European Commission Information Day on Smart Cities & Communities Contents Cities Key for

147 views • 14 slides
committed to Europe GSMA Smart Cities, Brussels Sept 2013 1. Smart cities & Orange 2. Big Data

committed to Europe GSMA Smart Cities, Brussels Sept 2013 1. Smart cities & Orange 2. Big Data

big & fast data for smart city applications GSMA Smart Cities, Brussels 6 Sept. 2013 Nicolas de Cordes VP Marketing Vision, Group Marketing, Orange committed to Europe GSMA Smart Cities, Brussels Sept 2013 1. Smart cities & Orange 2.

631 views • 23 slides
Smart Sustainable Cities in the 2030 Sustainable Development Agenda: the way forward based on

Smart Sustainable Cities in the 2030 Sustainable Development Agenda: the way forward based on

Smart Sustainable Cities in the 2030 Sustainable Development Agenda: the way forward based on cities experience Presentation at the Business for Smart Cities Expocongress 29-31 January 2019 Gulnara Roll, Head UNECE Housing and Land

350 views • 19 slides
CLICK HERE TO KNOW MORE GIS Enabling Smart Cities & More Efficient Transportation Nick Land

CLICK HERE TO KNOW MORE GIS Enabling Smart Cities & More Efficient Transportation Nick Land

CLICK HERE TO KNOW MORE GIS Enabling Smart Cities & More Efficient Transportation Nick Land Esri Inc. What is a Smart City? GIS as a Platform Enabling Smart Cities Desktop Web Device Simple Integrated Open Portal Server Online

1.08k views • 23 slides
Alaia Sola Catalonia Institute for Energy Research (IREC) DAY 2: SMART CITIES TABLE 4:

Alaia Sola Catalonia Institute for Energy Research (IREC) DAY 2: SMART CITIES TABLE 4:

Alaia Sola Catalonia Institute for Energy Research (IREC) DAY 2: SMART CITIES TABLE 4: IMPLEMENTATION OF THE SMART CITY CONCEPT INTERNATIONAL SUMMER SCHOOL SMART GRIDS AND SMART CITIES Barcelona, 6-8 June 2017 Energy Efficiency in

1.38k views • 23 slides
Blockchain for Smart Cities public collaborative initiatives and are implemented and used in a

Blockchain for Smart Cities public collaborative initiatives and are implemented and used in a

FINAL PARA CERRAR LA HISTORIA!!! Smart city platforms are developed both by private companies and Blockchain for Smart Cities public collaborative initiatives and are implemented and used in a large number of cities around the world.

471 views • 44 slides
SMART CITIES USING BIG SENSOR DATA MANUEL G. GARCA GIP, ITC FACULTY IN THIS PRESENTATION

SMART CITIES USING BIG SENSOR DATA MANUEL G. GARCA GIP, ITC FACULTY IN THIS PRESENTATION

COLLABORATIVE DEVELOPMENT OF SMART CITIES USING BIG SENSOR DATA MANUEL G. GARCA GIP, ITC FACULTY IN THIS PRESENTATION SMART CITIES & ITS DYNAMICS BIG SENSOR DATA RESEARCH PROJECT COLLABORATIVE SMART CITY 2 SMART CITIES & ITS

374 views • 13 slides
Smart Learning Cities Forum - 26 Feb 2020 Jenny Macaffer Adult Learning Australia Another

Smart Learning Cities Forum - 26 Feb 2020 Jenny Macaffer Adult Learning Australia Another

Smart Learning Cities Forum - 26 Feb 2020 Jenny Macaffer Adult Learning Australia Another school of thought says that we should be striving for Lo Tech cities that are more in tune with nature and with humanity. Smart cities are only smart

80 views • 4 slides
Smart Cities in the Future Smart Cities in the Future Pardubice September 14, 2017 Pardubice

Smart Cities in the Future Smart Cities in the Future Pardubice September 14, 2017 Pardubice

Smart Cities in the Future Smart Cities in the Future Pardubice September 14, 2017 Pardubice September 14, 2017 Who We Are? Coming together is a beginning; keeping together is progress; working together is success. Henry Ford

293 views • 17 slides
International Standards to Shape Smart Sustainable Cities: The Case of Moscow ITU and Smart

International Standards to Shape Smart Sustainable Cities: The Case of Moscow ITU and Smart

Implementing ITU-T International Standards to Shape Smart Sustainable Cities: The Case of Moscow ITU and Smart Sustainable Cities ITU is the United Nations specialized agency for information and communication technologies (ICTs) and is

363 views • 18 slides
BloodHound From Red to Blue 1.5 By Scoubi @ScoubiMTL BIO Sr Security Architect at Bell Canada

BloodHound From Red to Blue 1.5 By Scoubi @ScoubiMTL BIO Sr Security Architect at Bell Canada

BloodHound From Red to Blue 1.5 By Scoubi @ScoubiMTL BIO Sr Security Architect at Bell Canada Adversary Detection Team Lead Threat Hunting Team Lead First Presented at BSidesCharm French Canadian Dont pronounce S and H

1.37k views • 104 slides
Terrorist & Violent Intruder Preparedness/Response Simplifying Your

Terrorist & Violent Intruder Preparedness/Response Simplifying Your

Terrorist & Violent Intruder Preparedness/Response Simplifying Your Response Based on A6acker Objec<ve Commonali<es www.intruderresponse.com Vaughn Baker Co-Founder Strategos

884 views • 52 slides
Resilient Power Grid Project Report Sahiti Bommareddy | Daniel Qian | Parv Saxena Spring 2020 1

Resilient Power Grid Project Report Sahiti Bommareddy | Daniel Qian | Parv Saxena Spring 2020 1

Resilient Power Grid Project Report Sahiti Bommareddy | Daniel Qian | Parv Saxena Spring 2020 1 Project Goal Extend the Spire intrusion-tolerant SCADA system Three dimensions: 1. Performance optimization for single site configuration 2.

622 views • 33 slides
Smashing WEP in A Passive Attack POUYAN SEPEHRDAD PETR SUSIL SERGE VAUDENAY MARTIN VUAGNOUX 1

Smashing WEP in A Passive Attack POUYAN SEPEHRDAD PETR SUSIL SERGE VAUDENAY MARTIN VUAGNOUX 1

Smashing WEP in A Passive Attack POUYAN SEPEHRDAD PETR SUSIL SERGE VAUDENAY MARTIN VUAGNOUX 1 2 No one Uses WEP Any More. 2 Hotels No one Uses WEP Any More. Restaurants Airports 2 Wireless Networks in Singapore: 20% WEP Hotels No

746 views • 51 slides
Emergency Response Fall 2015 Agenda Roles & Responsibilities Evacuation Shelter

Emergency Response Fall 2015 Agenda Roles & Responsibilities Evacuation Shelter

Emergency Response Fall 2015 Agenda Roles & Responsibilities Evacuation Shelter in Place Defend in Place Next Steps Roles & Responsibilities Your primary responsibility is to help yourself during an emergency

337 views • 33 slides
Multi-Channel MQ Support Lance Swallow TPFSS - TPF Communications DXC Proprietary and

Multi-Channel MQ Support Lance Swallow TPFSS - TPF Communications DXC Proprietary and

April 24, 2018 Multi-Channel MQ Support Lance Swallow TPFSS - TPF Communications DXC Proprietary and Confidential Introduction Looking for a way to improve the current Data Feed process Reduce the perceived throughput performance issues

116 views • 11 slides
Distance-1 Constrained Channel Assignment in Single Radio Wireless Mesh Networks Ehsan Aryafar

Distance-1 Constrained Channel Assignment in Single Radio Wireless Mesh Networks Ehsan Aryafar

Distance-1 Constrained Channel Assignment in Single Radio Wireless Mesh Networks Ehsan Aryafar Rice University (Houston, Texas, USA) Omer Gurewitz Ben Gurion University (Beer Sheva, Israel) Edward Knightly Rice University (Houston, Texas,

797 views • 45 slides
Vipshop Holdings Limited Investor Presentation November 2015 Disclaimer This presentation

Vipshop Holdings Limited Investor Presentation November 2015 Disclaimer This presentation

www.vip.com Vipshop Holdings Limited Investor Presentation November 2015 Disclaimer This presentation contains forward-looking statements. These statements are made under the safe harbor provisions of the U.S. Private Securities

309 views • 26 slides

More recommend