Computer Security Risks for Control Systems at CERN Denise Heagerty, CERN Computer Security Officer, 12 Feb 2003.


1 Computer Security Risks for Control Systems at CERN Denise Heagerty, CERN Computer Security Officer, 12 Feb 2003

2 Incident Summary, 2000-2002

Incident Type                                                            2000  2001  2002
System compromised (intruder has control)                                  16    59    31
  security holes in software (e.g. ssh, ftp, telnet, ICQ, ...)
Compromised CERN accounts                                                  86    42    25
  sniffed or guessed passwords
Serious viruses                                                             9    11    21
  several new viruses are released each day
Unauthorised use of file servers                                           18    13    21
  insufficient access controls
Serious SPAM incidents                                                      9    15    16
  CERN email addresses are regularly forged
Miscellaneous security alerts                                              17    11     9
Total incidents                                                           155   151   123

3 Conclusions

- Intruders or serious viruses were detected on a total of 77 CERN systems during 2002
  - Firewall blocks many attempts per day
  - Intrusions succeed almost weekly
- Security patches for all software need to be applied in a timely fashion
  - A balance is needed between risk and stability, but for systems directly exposed outside the firewall the risk is extremely high (the patch may come too late)
- Exposing sensitive systems (e.g. controls) directly outside the firewall is a recipe for disaster
  - They will be targeted continually by hostile code, which even if unsuccessful, has a performance and stability impact

4 Recommendations for remote access to control systems

- Strictly limit access to a minimal set of clearly identified and authorised users
  - Individual usernames are essential even if software or data is shared
  - Logs of connections and actions are needed for incident identification and correction
- Provide remote access via independent systems
  - Separate remote access from the control systems and clearly define the interaction to reduce risks
  - Ensure sufficient security on the remote access systems
    - Minimal configuration which can be exposed in the firewall at low risk
    - Active management and monitoring with timely patches applied
  - LXPLUS and VPN servers offer remote access to CERN
  - A remote access service dedicated to control systems may be required for strengthened security in the LHC era

5 Solutions for Remote Access

- Control screens and applications can be managed remotely via encrypted tunnels
  - Locally installed applications encrypted inside SSH (http://cern.ch/security/ssh/encrypt_connections.htm)
  - VNC (Virtual Network Computing) encrypted inside SSH (http://cern.ch/security/ssh/encrypt_vnc.htm)
  - CERN VPN encrypted connections (http://cern.ch/vpn) allow remote computers to connect as if running on the CERN Campus Network

6 Encrypting applications with SSH

- One or more applications on the remote workstation are configured to connect locally to ssh
- ssh is configured to route the local client application to a CERN server application
- An ssh connection is opened to CERN (e.g. lxplus) and the client application is launched as if running at CERN
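The three steps above, as an added example that is not part of the CERN slides: a small Python helper that builds the ssh command for local port forwarding (step 2) and refuses any forward that would listen on something other than the workstation's loopback interface, since a tunnel bound to all interfaces is reachable by every machine on the remote workstation's own network. The gateway name user@lxplus.cern.ch, the control-room host and the port numbers are assumptions.

```python
"""Added example (not from the CERN slides): build the ssh command that carries a
local client application through an encrypted SSH tunnel to a CERN server
application. Hostnames and ports are assumptions for illustration."""
import shlex
from dataclasses import dataclass

LOOPBACK = ("127.0.0.1", "localhost", "::1")


@dataclass(frozen=True)
class Forward:
    local_port: int          # port the local client application is pointed at (step 1)
    remote_host: str         # server application host, as resolved from the ssh gateway
    remote_port: int
    bind: str = "127.0.0.1"  # listen on loopback only, never on the home-network interface


def ssh_tunnel_command(gateway: str, forwards: list[Forward]) -> list[str]:
    """Return argv for an ssh process that only forwards ports (no remote shell)."""
    argv = ["ssh", "-N"]  # -N: do not execute a remote command, just hold the tunnel open
    for f in forwards:
        if f.bind not in LOOPBACK:
            # A non-loopback bind would expose the tunnel entrance to other hosts
            raise ValueError(f"refusing non-loopback bind {f.bind!r} for port {f.local_port}")
        if not 1024 <= f.local_port <= 65535:
            raise ValueError(f"local port {f.local_port} must be an unprivileged port")
        argv += ["-L", f"{f.bind}:{f.local_port}:{f.remote_host}:{f.remote_port}"]
    argv.append(gateway)
    return argv


def client_endpoint(f: Forward) -> str:
    """Address the local client application is configured to connect to (step 1)."""
    return f"{f.bind}:{f.local_port}"


if __name__ == "__main__":
    # Assumed example: a VNC display on a control-room host reached through lxplus (step 3).
    vnc = Forward(5901, "controlhost.example.cern.ch", 5900)
    cmd = ssh_tunnel_command("user@lxplus.cern.ch", [vnc])
    print("run:", shlex.join(cmd))
    print("then point the VNC viewer at", client_endpoint(vnc))
```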

7 VPN (Virtual Private Network)

- A remote computer can connect to the Internet using an arbitrary Internet Service Provider (ISP) and have an IP address on the Internet
- The VPN client software on the remote computer exchanges data through an encrypted tunnel with a dedicated VPN server at CERN
- The remote computer acts as if it were on the CERN Intranet and can run applications transparently through the tunnel

8 Securing VPN Client access

- Protect the computer
  - Anti-virus updated at least daily (for Windows PCs)
  - Operating system and installed applications kept secure for all known security holes
  - Firewall for home computers with permanent connections (e.g. ADSL)
  - System restricted to only run essential applications: games, music and freely copied software are targets for viruses
- Protect the account & password
  - Require registration (no default access)
  - Verify that VPN passwords cannot be cracked
  - Require at least 128 bit encryption
  - Limit unsuccessful login attempts

CERN's VPN Security Requirements are at: http://cern.ch/vpn/security
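Two of the recommendations above (slide 4: individual usernames for a minimal set of authorised users, plus logs of connections for incident identification; slide 8: limit unsuccessful login attempts) applied to the connection log of a remote-access system, as an added example that is not part of the CERN slides. The sshd-style log lines, the user list, the hostname and the lockout threshold are all constructed for illustration.

```python
"""Added example (not from the CERN slides): review remote-access connection logs
for guessed-password attacks and logins by accounts outside the authorised set.
Log lines, usernames, addresses and the threshold are constructed."""
import re
from collections import Counter, defaultdict

# Matches the Accepted/Failed lines that OpenSSH writes to the auth log.
LOG_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ [\d:]+) \S+ sshd\[\d+\]: "
    r"(?P<result>Accepted|Failed) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>[\d.]+)"
)

SAMPLE_LOG = """\
Feb 12 09:01:02 ra-gw sshd[1201]: Accepted publickey for alice from 198.51.100.10 port 51002 ssh2
Feb 12 09:02:11 ra-gw sshd[1207]: Failed password for operator from 203.0.113.7 port 4001 ssh2
Feb 12 09:02:14 ra-gw sshd[1207]: Failed password for operator from 203.0.113.7 port 4002 ssh2
Feb 12 09:02:17 ra-gw sshd[1207]: Failed password for operator from 203.0.113.7 port 4003 ssh2
Feb 12 09:02:20 ra-gw sshd[1209]: Failed password for invalid user admin from 203.0.113.7 port 4004 ssh2
Feb 12 09:03:40 ra-gw sshd[1215]: Accepted password for operator from 203.0.113.7 port 4009 ssh2
Feb 12 09:05:00 ra-gw sshd[1220]: Accepted password for bob from 192.0.2.55 port 6000 ssh2
"""

AUTHORISED = {"alice", "bob"}  # minimal set of identified individuals; shared accounts are absent
MAX_FAILURES = 3               # lockout threshold (assumed policy value)


def parse(log: str):
    """Yield one dict per recognised Accepted/Failed line; other lines are ignored."""
    for line in log.splitlines():
        m = LOG_RE.match(line)
        if m:
            yield m.groupdict()


def review(log: str, authorised=AUTHORISED, max_failures=MAX_FAILURES) -> dict:
    """Return findings keyed by type, each a list of (source ip, username):
    'lockout' when a source reaches the failure threshold for a user,
    'unauthorised_login' for a success by an account outside the authorised set,
    'success_after_guessing' for a success that followed a burst of failures."""
    failures = Counter()  # (ip, user) -> failed attempts seen so far
    findings = defaultdict(list)
    for ev in parse(log):
        key = (ev["ip"], ev["user"])
        if ev["result"] == "Failed":
            failures[key] += 1
            if failures[key] == max_failures:
                findings["lockout"].append(key)
        else:
            if ev["user"] not in authorised:
                findings["unauthorised_login"].append(key)
            if failures[key] >= max_failures:
                findings["success_after_guessing"].append(key)
    return dict(findings)
```

In the constructed log the shared "operator" account is both outside the authorised set and logged in right after three failed passwords from the same source, which is the pattern behind the "sniffed or guessed passwords" row of the incident table.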

9 Summary

- Avoid direct off-site Internet access for control systems
  - Use technical network or TCP/IP Connectivity = NONE
  - Discuss requirements with Campus Network team
- Configure control systems securely and apply patches in a timely fashion
  - The balance between stability and risk needs to take account of almost weekly on-site intrusions
- Provide remote access via independent systems with strict security and clearly defined interaction with control systems
  - Implement user level access controls and logging
  - LXPLUS and VPN servers provide remote access to CERN. Enhanced solutions may be needed for the LHC era.
