Форум АСУ в Україні

форум з автоматизації для викладачів, студентів та спеціалістів
Сьогодні: 29 березня 2024, 15:33

Часовий пояс UTC + 2 годин [ DST ]




Створити нову тему Відповісти  [ 1 повідомлення ] 
Автор Повідомлення
 Тема повідомлення: Anatomy Of A 'Cyber-Physical' Attack
ПовідомленняДодано: 15 січня 2015, 16:06 
Офлайн
Викладач

З нами з: 29 листопада 2013, 17:11
Повідомлення: 5033
Anatomy Of A 'Cyber-Physical' Attack
http://www.darkreading.com/vulnerabilit ... ?_mc=sm_dr
Kelly Jackson Higgins
Цитата:
Anatomy Of A 'Cyber-Physical' Attack
Inflicting major or physical harm in ICS/SCADA environments takes more than malware.
S4x15 Conference — The real threat to a power or manufacturing plant isn't the latest vulnerability or malware variant.
"If you only consider hackers, you don’t have to be concerned that much. They won't be able to take down a power grid or blow up chemical facilities," says Ralph Langer, founder of Langner Communications and a top Stuxnet expert. The danger is when attackers have an understanding of the physical and engineering aspects of the plant or site they are targeting, he says.
"We have not seen a lot of cyber-physical attacks in the past to actually cause much damage. That requires skillsets that have nothing to do with hacking," says Langner.
Stuxnet, of course, was the first known example of a cyber-physical attack. Its mission was to derail the uranium enrichment process at Iran's Natanz nuclear facility by sabotaging the associated centrifuges.
"So we can conclude at this time that there are organizations out there already who understand this and have mastered this [cyber-physical attack model], more than like nation-states," Langner says. But that knowledge ultimately will spread more widely, he says.
Langner predicts exploit tools will emerge for attack power grids, for example, as the methodologies known by nation-states proliferate. "That's what concerns me."
Bryan Singer, principal investigator at Kenexis Security Corp., teamed up with chemical engineer Lily Glick at his company to demonstrate just what it would take to execute a remote physical attack on a power plant or manufacturing plant floor. "Software vulnerabilities are of no use if want the maximum scenario. You need to know the engineering protocols" of the targeted site, Singer said here today in a presentation.
An attacker would need to have some knowledge of the control systems running in the plant and how the process -- such as vodka distillation, which Singer and Glick featured as an example in their presentation -- works. So process control operators can't merely rely on vulnerability assessment to secure these systems, according to Singer.
That doesn't mean an attacker needs to actually have engineering expertise, however. The attacker could glean intelligence from open-source information on ICS products as well as acquire inside intelligence about the plant itself, either by stealing plant engineering diagrams or information remotely, or even by schmoozing a plant engineer.
"You could social-engineer an engineer," notes Chris Sistrunk, a senior consultant in the ICS practice at Mandiant, a FireEye company.


Догори
 Профіль  
 
Відображати повідомлення за:  Сортувати за  
Створити нову тему Відповісти  [ 1 повідомлення ] 

Часовий пояс UTC + 2 годин [ DST ]



Хто зараз онлайн

Зараз переглядають цей форум: Немає зареєстрованих користувачів і 1 гість


Ви не можете створювати нові теми у цьому форумі
Ви не можете відповідати на теми у цьому форумі
Ви не можете редагувати ваші повідомлення у цьому форумі
Ви не можете видаляти ваші повідомлення у цьому форумі
Ви не можете додавати файли у цьому форумі

Знайти:
Вперед:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Вы можете бесплатно создать форум PHPBB2 на MyBB2.ru, Также возможно создать форум бесплатно PHPBB3 на Getbb.ru
Український переклад © 2005-2007 Українська підтримка phpBB