Upload
brian-honan
View
1.948
Download
0
Tags:
Embed Size (px)
DESCRIPTION
A presentation I gave to the International Society of Automation Ireland Section on how relying on air gaps to protect ICS and secure networks is a fallacy. This talk highlights actual incidents resulting from the air gap failing and systems being compromised
Citation preview
ISA Ireland Section
Cyber Security Conference
8th May 2014
Who Am I?
What is an Air Gap?
In networks, an air gap is a type of
security where the network is secured
by keeping it separate from other local
networks and the Internet. While this
provides security, it also limits access
to the network by clients.
Attack Breakdown
CountryType
TotalCritical Noncritical
Netherlands 0 2 2
China 5 2 7
Germany 1 4 5
Kazahkstan 0 1 1
Canada 0 1 1
USA 0 3 3
Australia 0 1 1
Moldova 0 1 1
Ukraine 0 2 2
UK 1 0 1
France 1 0 1
Palestine 2 1 3
Poland 0 1 1
Slovenia 0 1 1
Japan 0 1 1
Russia 0 43 43
Total 10 64 74
April 2000 – Insider & Hackers
Controlled Central Switchboard
April 2000 – Remote Access
Maroochy Water Services
June 2001 – External Hackers
California Independent System
Operator
January 2003 – Bypassed Firewall
Davis-Besse Plant via Contractor
October 2006 – Infected Laptop
Harrisburg PA Water Treatment
Aug 2007 – Unauthorised Software
Tehama Colusa Canal Authority
March 2009 – Disgruntled Employee
Pacific Energy Resources
October 2010 – Stuxnet
Since 2010 - Specialised Malware
Goodbye Air Gap
BadBIOS – From 2012
2012 Annual Incidents Report
13
76
8
5
6
0 10 20 30 40 50 60 70 80
Third Party Failure
System Failures
Malicious Actions
Human Errors
Natural Phenomena
% Incidents
13
9
4
26
36
0 5 10 15 20 25 30 35 40
3rd Party Failure
System Failures
Malicious Actions
Human Errors
Natural Phenomena
Outage in Hours
“Cyber-attacks are
the 6th most
important cause of
outages in
telecommunication
infrastructures,
with an impact on
considerable
numbers of users
in this sector”
How To Defend
Invest in Right Tools
Awareness
Monitor & Respond
Incident Response & Forensics
@BrianHonan