Threat identification & analysis

Presentation transcript:

Threat identification & analysis
What are the current and emerging threats targeting railway infrastructures?

Methodology for threat identification & analysis

Threat identification and analysis
- Context
  - Transport verticals
  - Rail sector profile
- Historical attacks
  - All transport sectors
  - Focus on the rail sector
- Comparative study
  - Targets: Countries, Sectors, Zones and assets
  - Attacks: Attack types and effects, Vulnerability, health and safety
  - Threat Actors profiles: APT, Ransomware
- Threat scenarios for CYRAIL
  - New likely threat scenarios
  - Overview of potential future attacks
  - Advisory
- Threat taxonomy and ontology
  - Threat taxonomy: Context, Threat Actor, Target, Attack, Impact
  - Threat ontology

Timeline of historical attacks

Timeline of historical attacks
- 2008, Poland: Homemade transmitter that tripped rail switches and redirected trains and injured a dozen people in Lodz
- 2012, USA: Cyberattacks disrupted rail signaling and traffic in the north-western USA for two days
- 2015, South Korea: Malware attack against dozens of terminals of a subway operator in Seoul over the course of several months
- 2016, UK: Multiple cyberespionage operations against Network Rail
- 2017, Germany: WannaCry ransomware attack on Deutsche Bahn

Comparative study Rail/Transport
- Targeted sectors
- Targeted countries
- Impacted zones
- Attack types

Cyber-attack classification methodology
- Identity card of a cyber-attack
- Based on a threat taxonomy

Threat taxonomy

Context
- Geopolitical: Unknown geopolitical context, Conflicts, Economical, Not relevant, Personal

Threat Actor
- Name: Name of the attacker or group of attackers
- Geographical area: Location, Country
- Motivation: Accidental, Coercion, Dominance, Ideology, Notoriety, Organisational-gain, Personal-gain, Personal-Satisfaction, Revenge, Unpredictable, Unknown motivation
- Resource-level: Individual, Club, Contest, Team, Organization, Government, Unknown resource-level
- Sophistication: None, Minimal, Intermediate, Advanced, Expert, Innovator, Strategic, Unknown level of sophistication

Target
- Geographical area: Location, Country
- Organizational Unit: Name of the impacted Organizational Unit
- Sector: Rail, Aviation, Highway & motor carrier, Military transport, Maritime, Shipping
- Zone: Onboard, Wayside, Signal, Command-onboard, Maintain, JRU, Movement, KMC, Control Center, IT infrastructure, Multiple zones, Unknown zone
- Asset: Name of the impacted asset(s)

Attack
- Type: Type of attack
- Effect: Effect of the attack on the targeted system
- Vulnerability, health and safety: Exploited vulnerability or weakness

Impact
- Safety: Unknown, Life-threatening injuries, Severe and life-threatening injuries, Light and moderate injuries, No injuries
- Financial: Existence-threatening financial damage, Substantial financial damage, Undesirable financial damage
- Operational: Vehicle unusable, Service required, Comfort affected, Not relevant
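Added example, not part of the original presentation: one way to hold the "identity card of a cyber-attack" as a record checked against the taxonomy's controlled vocabularies, then tallied per attribute as in the comparative study. The field names, the `make_card` helper and the sample cards are assumptions made for this sketch; only the vocabulary values come from the slide.

```python
from collections import Counter

# Controlled vocabularies copied from the taxonomy slide (three of its attributes).
VOCAB = {
    ("threat_actor", "motivation"): {
        "Accidental", "Coercion", "Dominance", "Ideology", "Notoriety",
        "Organisational-gain", "Personal-gain", "Personal-Satisfaction",
        "Revenge", "Unpredictable", "Unknown motivation"},
    ("threat_actor", "sophistication"): {
        "None", "Minimal", "Intermediate", "Advanced", "Expert",
        "Innovator", "Strategic", "Unknown level of sophistication"},
    ("impact", "safety"): {
        "Unknown", "Life-threatening injuries", "No injuries",
        "Severe and life-threatening injuries", "Light and moderate injuries"},
}
# Free-text attributes that every card must still fill in.
REQUIRED_TEXT = [("target", "country"), ("target", "sector"), ("attack", "type")]

def validate(card):
    """Return a list of problems; an empty list means the card is well-formed."""
    errors = []
    for (section, field), allowed in VOCAB.items():
        value = card.get(section, {}).get(field)
        if value not in allowed:
            errors.append(f"{section}.{field}: {value!r} not in taxonomy")
    for section, field in REQUIRED_TEXT:
        if not str(card.get(section, {}).get(field) or "").strip():
            errors.append(f"{section}.{field}: missing")
    return errors

def tally(cards, section, field):
    """Comparative-study view: count valid cards per value of one attribute."""
    return Counter(c[section][field] for c in cards if not validate(c))

def make_card(country, attack_type, motivation="Unknown motivation"):
    """Rail-sector card (hypothetical helper); unstated fields use 'Unknown' values."""
    return {
        "threat_actor": {"motivation": motivation,
                         "sophistication": "Unknown level of sophistication"},
        "target": {"country": country, "sector": "Rail"},
        "attack": {"type": attack_type},
        "impact": {"safety": "Unknown"},
    }

# Constructed sample cards: countries follow the timeline slide, attack-type
# labels and all other values are placeholders chosen for this example.
CARDS = [make_card("Germany", "Ransomware"), make_card("South Korea", "Malware"),
         make_card("UK", "Cyberespionage"),
         make_card("USA", "", motivation="Financial")]  # last one is malformed
```

Cards that fail validation are left out of the tally, so a free-text value that bypasses the vocabulary cannot skew the per-country or per-attack-type counts.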

New threat scenarios for CYRAIL

Risk assessment based on a threat ontology