cybersecurity protecting your buildings and your company
play

Cybersecurity: Protecting Your Buildings - and Your Company - PowerPoint PPT Presentation

Nov 18, 2023 •269 likes •801 views

Cybersecurity: Protecting Your Buildings - and Your Company Michael Chipley, PhD GICSP PMP LEED AP President April 23, 2015 mchipley@pmcgroup.biz Agenda Cyber attacks on Building Control Systems and IT New federal Acquisition and

  1. Cybersecurity: Protecting Your Buildings - and Your Company Michael Chipley, PhD GICSP PMP LEED AP President April 23, 2015 mchipley@pmcgroup.biz

  2. Agenda Cyber attacks on Building Control Systems and IT New federal Acquisition and Procurement Language Overview of Building Control Systems Exploiting Building Control Systems Protecting Building Control Systems

  3. Operation Cleaver - Iran • Iranian team dubbed Tarh Andishan • Believed to consist of at least 20 hackers and developers, collaborating on projects and missions to support Iranian interests • Evolved skillset and uses a complex infrastructure to perform attacks of espionage, theft, and the potential destruction of control systems and networks • Over 50 victims, distributed around the globe • 10 victims are headquartered in the US and include a major airline, a medical university, an energy company specializing in natural gas production, an automobile manufacturer, a large defense contractor, and a major military installation . WHY THE NAME CLEAVER? The string cleaver is found several times in a variety of custom software used in Operation Cleaver, including inside the namespaces of their custom bot code TinyZBot, e:\projects\cleaver\trunk\zhoupin_ cleaver \obj\x86\release\netscp.pdb

  4. Targets and Access • Targeting and compromise of transportation networks and systems • Level of access seemed ubiquitous: Active Directory domains were fully compromised, along with entire Cisco Edge switches, routers, and internal networking infrastructure • Fully compromised VPN credentials meant their entire remote access infrastructure and supply chain was under the control of the Cleaver team, allowing permanent persistence under compromised credentials • Achieved complete access to airport gates and their security control systems • Gained access to PayPal and Go Daddy credentials allowing them to make fraudulent purchases and allowed unfettered access to the victim’s domains

  5. What’s At Stake? • Persian hacker names are used throughout the campaign including: Salman Ghazikhani, Bahman Mohebbi, Kaj, Parviz, Alireza, and numerous others. • Numerous domains used in the campaign were registered in Iran • Spearfishing using resumes, multiple domains were registered in order to make the download sites seem more realistic (Teledyne-Jobs.com, Doosan- Job.com, NorthropGrumman.net) • To date it has successfully evaded detection by existing security technologies • Confirmed hacking into unclassified U.S. Navy computers in San Diego’s NMCI (Navy Marine Corp Intranet) • Iran is no longer content to retaliate against the US and Israel alone, position themselves to impact critical infrastructure globally Mitigation: identify their presence in your network, prevent them from expanding the scope of the compromise, and remove their access immediately .

  6. GSA-DoD Acquisition Reform Six reform recommendations: 1. Institute baseline cybersecurity requirements as a condition of contract award for appropriate acquisitions 2. Include cybersecurity in acquisition training 3. Develop common cybersecurity definitions for federal acquisitions 4. Institute a federal acquisition cyber risk management strategy 5. Include a requirement to purchase from original equipment manufacturers, their authorized resellers, or other trusted sources 6. Increase government accountability for cyber risk management http://www.gsa.gov/portal/content/176547

  7. GSA IT Acquisition Memo Jan 2015 Appendix D New Contract Language The following language shall be included in the Statement of Work, or equivalent, for all procurements where contractors may require access to sensitive data, or use information technology (IT) resources. [Begin Paragraph] Safeguarding Sensitive Data and Information Technology Resources In accordance with FAR 39.105, this section is included in the contract. This section applies to all users of sensitive data and information technology (IT) resources, including awardees, contractors, subcontractors, lessors, suppliers and manufacturers.

  8. Contract Cyber Risk Management Plan (e) Order Cybersecurity Risk Management Plan (OCRMP) Submittal, Review, and Acceptance (1) Submittal. (i) When submitting a proposal in response to any task order solicitation, Contractor shall submit its approved CCRMP to the ordering contracting officer as an addendum to the proposal . (ii) If required by the task order solicitation, Contractor shall also provide an Order Cybersecurity Risk Management Plan (OCRMP) that includes additional information to address the specific security requirements of the task order solicitation. (f) Order Cybersecurity Risk Management Plan Update, Review, and Acceptance (1) Updates. (i) Contractor may update its OCRMP at any time after order award to ensure the Government is adequately assured of Contractor’s continuous ability to provide appropriate cybersecurity in the deliverables it provides under the contract. CCRMP based on NIST SP 800-53 R4 Arlington Workshops: "How To" Workshop: Develop a Contract Cybersecurity Risk Management Plan

  9. DoD Building ICS DoD Real Property Portfolio • 48 countries • 523 installations • 4,855 Sites 562,600 buildings and • structures • 24.7 M acres • $847 B value

  10. Continuous Monitoring and Attack Surfaces Host Based McAfee Security Systems Nessus Scanning (Active) Client Side Attacks Retina Windows, Linux HTTP, TCP, UDP Server Side Attacks Network Attacks Nessus Passive Vulnerability Scanner Intrusion Detection Sophia Systems (Passive) Grass Marlin PLC, RTU, Sensor Others? Modbus, LonTalk, BACnet, DNP3 Hardware Attacks

  11. System & Terminal Unit Controllers, Actuators JACE Field Server iLon Smart Server VAV L-switch BAS Remote Server Valve Actuator Valve Actuator Pressure Sensor Temperature Sensor Analog voltage, resistance, current signal is converted to digital and then IP

  12. ICS Protocols Internet Protocols • IPv4 and IPv6 • Transmission Control Protocol (TCP) • User Datagram Protocol (UDP) • Hypertext Transfer Protocol (HTTP) - Port 80 • Hypertext Transfer Protocol Secure (HTTPS) - Port 443 Proprietary Control Systems Open Control Systems Protocols Protocols • Modbus: Master/Slave - Port 502 • Tridium NiagraAX/Fox • BACnet: Master/Slave - Port 47808 • Johnson Metasys N2 • LonWorks/LonTalk: Peer to Peer - Port 1679 • OSISoft Pi System • DNP3: Master/Slave - Port 20000 • Many others… • IEEE 802.x - Peer to Peer • Zigbee - Peer to Peer • Bluetooth – Master/Slave

  13. Building Control System Protocols Control systems are fundamentally Typical file extensions: different than IT *.ACD *.CXP • Can be based on Master and Slaves or *.ESD Peer to Peer *.ESX • Slaves have Registers and Coils *.LDA • Devices use several different *.LCD programming languages to perform *.LDO operations *.LCX • Not originally designed for security or *.plcproject encryption *.PRJ *.PRT *.RSP Master = Client : sends requests for values *.QXD in the address *.SCD Slave = Server : replies with data Registers and Coils = memory locations

  14. Tools Attack and Defend Tools Information Gathering • Kali Linux (Backtrack) • Google Search and Hacking • SamuraiSTFU • Google Earth • Wireshark • The Harvester • Gleg • Recon-NG • Windows PowerShell • Shodan • Windows Management Information • Costar Console • Windows Enhanced Mitigation Tools Network Discovery and Monitoring • Windows Sysinternals • Nmap • Snort Assessment Tools • Kismet • DHS ICS-CERT Cyber Security • Nessus Evaluation Tool (CSET) • McAfee • Sophia Virtual Machines • Bandolier • VM Player • Windows Hypervisor

  15. Google Hacking https://www.google.com/#q=navy+tridium+bangor

  16. Google Hacking https://www.neco.navy.mil/synopsis/detail.aspx?id=367322

  17. Google Hacking filetype:pdf -site:tridium.com site:mil https://www.neco.navy.mil/upload/N44255/N4425513R40020005N4425513R40020005 N44255-13-R-4002_Part_3_Draft.pdf

  18. Shodan Shodan is to OT IP addresses as is Google is to text search

  19. Tridium

  20. Tridium Architecture

  21. Shodan – Tridium Search

  22. Distech Controls

  23. Shodan – Distech Search HTTP/1.0 401 Unauthorized WWW-Authenticate: Digest realm=" Niagara-Admin ", qop="auth", algorithm=" MD5 ", nonce="UvdraWNmNDAwNjE1ODc4NzBhYTc5NjMyYzlkYTk3NTg1ZDQy" Content-Length: 56 Content-Type: text/html Niagara-Platform: QNX Niagara-Started: 2013-8-3-4-11-32 Baja-Station-Brand: distech Niagara-HostId: Qnx-NPM2-0000-12EA-FDCC Server: Niagara Web Server/3.0

  24. Google Hacking-Database http://www.exploit-db.com/google-dorks/

  25. Google Hacking DB Search

  26. Google Hacking Diggity Project http://www.bishopfox.com/resources/tools/google-hacking-diggity/attack- tools/#searchdiggity

  27. Google Hacking Diggity Project

  28. Kali Linux http://www.kali.org/

  29. SamuraiSTFU Applications

  30. Wireshark Home Start and observe packets being captured Sample Captures (pcap) https://www.wireshark.org/about.html

  31. Wireshark Active Packet Capture Wireshark capturing packets

  32. Wireshark BACnet pcap BACnet

  33. NIST SP 800-82 R2 Final Public Draft Release Section 2.5 added per DoD request to address ‘other-than-industrial’ control systems

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Cybersecurity, the Law, and Protecting America's Cities October 2019 A S S U R E D E N T E R P

Cybersecurity, the Law, and Protecting America's Cities October 2019 A S S U R E D E N T E R P

N E X T G E N E R A T I O N C Y B E R S E C U R I T Y Cybersecurity . . . Tested, Trusted, Transformative Cybersecurity, the Law, and Protecting America's Cities October 2019 A S S U R E D E N T E R P R I S E S C O N F I D E N T I A L

614 views • 36 slides
Basics of Cryptography and Cybersecurity Protecting Against Harm That May Come via Network

Basics of Cryptography and Cybersecurity Protecting Against Harm That May Come via Network

Basics of Cryptography and Cybersecurity Protecting Against Harm That May Come via Network Access Security Goal: Confidentiality q Suppose you are a customer using a credit card to order an item from a website q Threat: - An adversary may

305 views • 27 slides
Cybersecurity & HIPAA: Protecting Your Organization PETE SEEBER CHRIS RAFFORD Rocus

Cybersecurity & HIPAA: Protecting Your Organization PETE SEEBER CHRIS RAFFORD Rocus

Cybersecurity & HIPAA: Protecting Your Organization PETE SEEBER CHRIS RAFFORD Rocus Networks The Single-Source Cybersecurity Provider for the SMB Pete Seeber Founder & CEO Chris Rafford Cybersecurity Strategist Before we begin

552 views • 30 slides
Florida SBDC at UCF's Cybersecurity for Small Businesses: Protecting Your Digital Assets in 2018

Florida SBDC at UCF's Cybersecurity for Small Businesses: Protecting Your Digital Assets in 2018

Helping Businesses Grow & Succeed Florida SBDC at UCF's Cybersecurity for Small Businesses: Protecting Your Digital Assets in 2018 BYTE-SIZE: The Small Business Cybersecurity Program of the FSBDC Network This presentation is a companion to

573 views • 55 slides
Cybersecurity No Need to Panic A Practical Approach to Protecting Yourself Tom Clark Chief

Cybersecurity No Need to Panic A Practical Approach to Protecting Yourself Tom Clark Chief

Cybersecurity No Need to Panic A Practical Approach to Protecting Yourself Tom Clark Chief Information Officer November 7, 2018 Remember This One? Clip is located at https://www.youtube.com/watch?v=KXzNo0vR_dU 2 So What Changed? Whats

313 views • 15 slides
Protecting Information: Cybersecurity and Risk Management Peter Miller Jennifer Romano

Protecting Information: Cybersecurity and Risk Management Peter Miller Jennifer Romano

Protecting Information: Cybersecurity and Risk Management Peter Miller Jennifer Romano Nathanial Wood Overview Cybersecurity and Risk, Generally Internet of Things New FAR Safeguarding Clause and Old DFARS Safeguarding

397 views • 25 slides
Personal CyberSecurity Protecting Yourself from the Evils of the Internet Steve McEvoy March 6 th

Personal CyberSecurity Protecting Yourself from the Evils of the Internet Steve McEvoy March 6 th

Personal CyberSecurity Protecting Yourself from the Evils of the Internet Steve McEvoy March 6 th , 2020 Austin, TX The Internet has some scary s**t going on This is a self defense course Goals What is the #1 Security Risk to your

786 views • 60 slides
U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity cybersecurity? William J. Perry Martin Casado Keith Coleman Dan Wendlandt MS&E 91SI Spring 2004 Stanford University U.S. National Cybersecurity

79 views • 7 slides
Heritage Security Protecting the Past for the Future Mitigating the Crime and Terrorism Risk

Heritage Security Protecting the Past for the Future Mitigating the Crime and Terrorism Risk

Heritage Security Protecting the Past for the Future Mitigating the Crime and Terrorism Risk We shape our buildings and afterwards, our buildings shape us Winston Churchill 28/10/1944 Stephen Armson-Smith Crime Prevention Tactical

400 views • 18 slides
CYBERSECURITY @ STEVENS CYBERSECURITY@STEVENS THE WORLD IS A DANGEROUS AND COSTLY PLACE

CYBERSECURITY @ STEVENS CYBERSECURITY@STEVENS THE WORLD IS A DANGEROUS AND COSTLY PLACE

GIUSEPPE ATENIESE FARBER CHAIR AND CS DEPT CHAIR CYBERSECURITY @ STEVENS CYBERSECURITY@STEVENS THE WORLD IS A DANGEROUS AND COSTLY PLACE According to insurance company Lloyds, cyberattacks cost businesses $400 billion a year A

123 views • 9 slides
After WannaCry: Getting Ahead of Ransomware Tim Bandos, Sr. Director of Cybersecurity, Digital

After WannaCry: Getting Ahead of Ransomware Tim Bandos, Sr. Director of Cybersecurity, Digital

After WannaCry: Getting Ahead of Ransomware Tim Bandos, Sr. Director of Cybersecurity, Digital Guardian Tim Bandos Prior Experience: Global Cybersecurity Tim Bandos Manager, 12+ years @ Fortune 100 Company Sr. Director of Cybersecurity

680 views • 37 slides
CYBERSECURITY CYBERSECURITY SEMINAR SEMINAR STEVE RUTKOVITZ STEVE RUTKOVITZ ABOUT STEVE

CYBERSECURITY CYBERSECURITY SEMINAR SEMINAR STEVE RUTKOVITZ STEVE RUTKOVITZ ABOUT STEVE

PROTECTING YOU AND YOUR BUSINESS CYBERSECURITY CYBERSECURITY SEMINAR SEMINAR STEVE RUTKOVITZ STEVE RUTKOVITZ ABOUT STEVE RUTKOVITZ ABOUT STEVE RUTKOVITZ For over 20 years, Steve owned and operated a very successful MSP business. W ith a

516 views • 25 slides
Protecting Steel By Mr. Christopher L. Gibbons Protecting Steel Who are Teamac? 3 rd generation.

Protecting Steel By Mr. Christopher L. Gibbons Protecting Steel Who are Teamac? 3 rd generation.

Protecting Steel By Mr. Christopher L. Gibbons Protecting Steel Who are Teamac? 3 rd generation. Privately owned company. Based in Hull. Weve been making paint since 1908. Who am I? Chris Gibbons. L2 Icorr Paint inspector. 40 years

603 views • 14 slides
Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives: Define Cybersecurity & why its important Provide information about Dept. Homeland Security Cybersecurity Campaigns: National

328 views • 22 slides
CONTROLS LIMITED Creating Buildings With Intellect 140+ Company Strength ACE CONTROLS LIMITED

CONTROLS LIMITED Creating Buildings With Intellect 140+ Company Strength ACE CONTROLS LIMITED

ACE CONTROLS LIMITED Creating Buildings With Intellect 140+ Company Strength ACE CONTROLS LIMITED Creating Buildings With Intellect BOARD MEMBERS Mrs. Rashida Khanom G M Ehsanul Haq Md. Quamruzzaman Nazim Mahmud Rafiquzzaman Chairman

368 views • 25 slides
Analysis and BINDU CHANNAVEERAPPA Cybersecurity AND PETER THOMPSON i - Perceptions Objectives

Analysis and BINDU CHANNAVEERAPPA Cybersecurity AND PETER THOMPSON i - Perceptions Objectives

Business BA MANAGER FORUM Analysis and BINDU CHANNAVEERAPPA Cybersecurity AND PETER THOMPSON i - Perceptions Objectives This workshop will provide the necessary insights into the role that can be played by BAs in protecting information

530 views • 18 slides
Environmental Studies Program at CBFs Brock Environmental Center ALLPPT.com Presentation

Environmental Studies Program at CBFs Brock Environmental Center ALLPPT.com Presentation

Environmental Studies Program at CBFs Brock Environmental Center ALLPPT.com Presentation Overview Purpose of the Program Innovative Learning Student Opportunities Chesapeake Bay Foundation Partnership (CBF) Facility Frequently Asked

241 views • 13 slides
Corporate Presentation February 2020 Asset | Team | Game Changing Technology Safe Harbour

Corporate Presentation February 2020 Asset | Team | Game Changing Technology Safe Harbour

Corporate Presentation February 2020 Asset | Team | Game Changing Technology Safe Harbour Statement THE PRELIMINARY ECONOMIC ASSESSMENT (THE MEDIA LUNA PEA OR PEA) IS BASED ON THE TECHNICAL REPORT (DEFINED BELOW). THE PEA IS A

395 views • 37 slides
Corporate Presentation March 2020 Asset | Team | Game Changing Technology Safe Harbour Statement

Corporate Presentation March 2020 Asset | Team | Game Changing Technology Safe Harbour Statement

Corporate Presentation March 2020 Asset | Team | Game Changing Technology Safe Harbour Statement THE PRELIMINARY ECONOMIC ASSESSMENT (THE MEDIA LUNA PEA OR PEA) IS BASED ON THE TECHNICAL REPORT (DEFINED BELOW). THE PEA IS A CONCEPTUAL

607 views • 35 slides
Diabetes Action Now A consultation on a new World Health Organization (WHO) - International

Diabetes Action Now A consultation on a new World Health Organization (WHO) - International

Diabetes Action Now A consultation on a new World Health Organization (WHO) - International Diabetes Federation (IDF) Programme Overview of the presentation Introduction and rationale for the programme Overview of the programme, its

427 views • 27 slides
The Mayors Emergency Working Team Business & Individual Financial Recovery April 7, 2020

The Mayors Emergency Working Team Business & Individual Financial Recovery April 7, 2020

The Mayors Emergency Working Team Business & Individual Financial Recovery April 7, 2020 Council Member Jim Holmes Co-Chair Sarah Roberts The Work Leveraging community partners to advance recovery Business communications

277 views • 24 slides
Urban bana a Hi High h Sch choo ool You outh h Prog ogram ram Coordinator :

Urban bana a Hi High h Sch choo ool You outh h Prog ogram ram Coordinator :

Urban bana a Hi High h Sch choo ool You outh h Prog ogram ram Coordinator : Co-Coordinator : Preston James Jorge Elvir City of Urbana Urbana High School Administrator Urba bana na Hi High h Sch choo ool You outh h Prog

429 views • 10 slides
December 2017 Forward-looking Statements This presentation may contain forward-looking

December 2017 Forward-looking Statements This presentation may contain forward-looking

December 2017 Forward-looking Statements This presentation may contain forward-looking statements, including statements regarding the business and anticipated financial performance of ENTREC Corporation (ENTREC or the Company) . These

349 views • 24 slides
M agseis ASA EAGE 2017 13 June 2017 AGENDA Introduction OBS market development Current M

M agseis ASA EAGE 2017 13 June 2017 AGENDA Introduction OBS market development Current M

M agseis ASA EAGE 2017 13 June 2017 AGENDA Introduction OBS market development Current M agseis operations Financials and outlook Appendix June 2017 2 This is M agseis Leading provider of Ocean Bottom Seismic technology and

255 views • 24 slides

More recommend