SCADA NETWORK SECURITY BY LICET 4-AUG-12.

Slides:



Advertisements
Similar presentations
Driving Factors Security Risk Mgt Controls Compliance.
Advertisements

Overview of local security issues in Campus Grid environments Bruce Beckles University of Cambridge Computing Service.
Prepare your NOC 111. SP’s/ISP’s NOC Team Every SP and ISP needs a NOC Anyone who has worked or run a NOC has their own list of what should be in a NOC.
Separate Domains of IT Infrastructure
Unit 6- Operating Systems.  Identify the purpose of an OS  Identify different operating systems  Describe computer user interaction with multiple operating.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
SUBSTATION SECURITY WHY FIREWALLS DON’T WORK! ©Copyright 1998, Systems Integration Specialists Company, Inc. All Rights Reserved Presented by:
Stuart Cunningham - Computer Platforms COMPUTER PLATFORMS Computer & Network Security & User Support & Training Week 11.
Common Cyber Defenses Tom Chothia Computer Security, Lecture 18.
© 2001 by Carnegie Mellon University SS5 -1 OCTAVE SM Process 5 Background on Vulnerability Evaluations Software Engineering Institute Carnegie Mellon.
Thoughts on Firewalls: Topologies, Application Impact, Network Management, Tech Support and more Deke Kassabian, April 2007.
Cyber Terrorism Shawn Carpenter Computer Security Analyst
IS Network and Telecommunications Risks Chapter Six.
Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.
Scott Charney Cybercrime and Risk Management PwC.
Intrusion Detection on a Shoestring Budget Shane Williams UT Austin Graduate School of Library and Information Science Oct. 18, 2000 SANS Network Security.
TS workshop 2004U. Epting, M.C. Morodo Testa - TS department1 Improving Industrial Process Control Systems Security Uwe Epting (TS/CSE) Maria Carmen Morodo.
ASHRAY PATEL Securing Public Web Servers. Roadmap Web server security problems Steps to secure public web servers Securing web servers and contents Implementing.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle branded credit.
Successfully Implementing The Information System Systems Analysis and Design Kendall and Kendall Fifth Edition.
Cyber Security of SCADA Systems Testbed Development May1013 Group Members: Ben Kregel Justin Fitzpatrick Michael Higdon Rafi Adnan Adviser: Dr. Manimaran.
Understand Wireless Security LESSON Security Fundamentals.
Central Management of 300 Firewalls and Access-Lists Fabian Mauchle TNC 2012 Reykjavík, 21-May-2012.
Artificial Intelligence In Power System Author Doshi Pratik H.Darakh Bharat P.
Onsite CRM Security
Enhancing Network Security
Automation Technologies SCADA SENSORS HMI
CSCE 548 Student Presentation By Manasa Suthram
Risk management.
Add video notes to lecture
Cloud Computing Q&A Presented by:
Payment Card Industry (PCI) Data Security Standard (DSS) Compliance
Operational Technology Information Technology
Agenda Control systems defined
CompTIA Server+ Certification (Exam SK0-004)
Errors, Fraud, Risk Management, and Internal Controls
Putting It All Together
Putting It All Together
How SCADA Systems Work?.
Computing Fundamentals
Stress-free IT REMOTE INFRASTRUCTURE MANAGEMENT
Introduction to Networking
CHAPTER 4 Information Security.
CS691 M2009 Semester Project PHILIP HUYNH
Unit 7 – Organisational Systems Security
Cloud Computing Security: Mapping Concepts to Practical Techniques
Today’s Risk. Today’s Solutions. Cyber security and
Unfortunately, any small business could face the risk of a data breach or cyber attack. Regardless of how big or small your business is, if your data,
I have many checklists: how do I get started with cyber security?
Payment Card Industry (PCI) Data Security Standard (DSS) Compliance
A quick look into today’s APTs
DHCP, DNS, Client Connection, Assignment 1 1.3
Advanced Services Cyber Security 101 © ABB February, | Slide 1.
CS691 M2009 Semester Project PHILIP HUYNH
Software Defined Networking (SDN)
CSCD 434 Network Security Spring 2012 Lecture 1 Course Overview.
Payment Card Industry (PCI) Data Security Standard (DSS) Compliance
Bethesda Cybersecurity Club
Firewalls Routers, Switches, Hubs VPNs
12 STEPS TO A GDPR AWARE NETWORK
Contact Center Security Strategies
Prolog to Lecture 2 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.
Chapter 7 – and 8 pp 155 – 202 of Web security by Lincoln D. Stein
Topic 5: Communication and the Internet
CSCD 434 Network Security Spring 2019 Lecture 1 Course Overview.
CCNA 4 v3.1 Module 6 Introduction to Network Administration
INTERNET SECURITY.
Chapter 21 Successfully Implementing The Information System
Anatomy of Industrial Cyber Attacks
Presentation transcript:

SCADA NETWORK SECURITY BY LICET 4-AUG-12

My Interest In Network Security; This Talk  SCADA: The technical level of this talk has been tailored to insure that it doesn’t provided a detailed “cookbook” that can be used by the bad guys to attack SCADA Network systems.  Given the venue, we’re not going to talk about policy stuff today (but security policies are important). 2

WHAT IS SCADA ?  SCADA stands for “supervisory control and data acquisition ”.  It generally refers to a control system: a computer system monitoring and controlling a process  Supervisory control means monitoring & controlling the parameters of equipment

TYPES OF PROCESSES  SCADA controlling process can be Industrial process Infrastructure process Facility process industrial process infrastructure Process facility process

SCADA VULNERABILITIES  There were 129 public SCADA vulnerabilities, a massive increase over the 15 vulnerabilities in  Policy and Procedure Vulnerabilities  Platform Vulnerabilities  Network Vulnerabilities

Actually, SCADA Can Be Frighteningly “Exciting”…  SCADA insecurity may have contributed to the end of the Cold War *  SCADA may be of substantial interest to major terrorists  SCADA systems may suffer sabotage by disgruntled insiders, acting individually  SCADA may have “big” technical failures  … but we’d really prefer it to be VERY dull! 6

THE SECURITY OF SCADA SYSTEMS?????  Simple Protocols  Windows-Based Control Stations  Shared Passwords  Common Passwords Across Multiple Devices  Plain Text (Unencrypted) FR PASSWORD  Few Firewall Options

HOW TO OVERCOME OF EXCITING PROBLEM  Change the windows OS to Linux  Running proprietary software and communication protocol on TCP/IP based systems  Update intrusion detection systems  Familiar with embedded RTOS’S  Add SCADA security to your network security syllabus 8

CONCLUSION  SCADA is a control system  We have secure encrypted password  Lake of trained person  Initial capital investment  Add SCADA security to network syllabus  Make sure vendors know what SCADA security products.

Thanks for the Chance to Talk Today!  Are there any questions? 10

Any queries contact me

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.