cyber threats on the industrial environment · como pedro por su smart-building author: eduardo...
Post on 03-Jun-2020
0 Views
Preview:
TRANSCRIPT
Cyber Threats on theIndustrial Environment
Eduardo Arriols Nuñez
1. Cyber Threats
2. Security Research
3. Conclusions
Cyber Threats
¿What is a Cyber Threat?
Everyone know about traditional threats but…
¿How many of you know all the real threats and risks on your company?
Risks associated to IoT
IT Network
Industrial Network
Security Research
1. Introduction
2. Control of the building
3. Organizations affected
4. Post-explotation
1. Introduction
2. Control of the building
3. Organizations affected
4. Post-explotation
Keep It Simple
1. Introduction
2. Control of the building
3. Organizations affected
4. Post-explotation
Building Management System
IntegratorsManufacturers
Find a backdoor: Existence of valid users in the system that werenot in the documentation.
• guest / *****
• test / ****
• demo / ****
1
Attack vector
Read access to BMS: Access to the BMS only with readpermissions.
2
Access to BMS configuration: Access with read permissions tosystem users and their encrypted passwords.
3
Attack vector
Identification of libraries: Access and download of BMS corelibraries with encryption and decryption functions.
4
Attack vector
Password decryption: Simple script for recovering the credentialsobtained before.
5
Attack vector
Access as administrator: Use of users and credentials obtained.6
Attack vector
1. Introduction
2. Control of the building
3. Organizations affected
4. Post-explotation
Location of vulnerable systems
Private companies
Banks
Hospitals
Airports
Industrial companies
Jails
Police departaments
Government buildings
Demo time
1. Introduction
2. Control of the building
3. Organizations affected
4. Post-explotation
More advance actions
Signal alteration
Automation of all actions
Access to industrial network of the building
Access to internal network of company
Launch advanced and targeted attacks on a city
Conclusions
New technology
New threats
Evolution of threats
New securitychecks
The Red Team exercise is the most specialized intrusion service that simulate a targetedattack from an adversary mindset. The exercises allows the company to identify their globalsecurity level, as well as the level of prevention and protection against targeted threats.
The only way to identify the global security and the Blue Team capabilities
Red Team Operations
DIGITAL SECURITY
SOCIAL ENGINEERING
PHYSICAL SECURITY
OFFENSIVE INTELLIGENCE
¿Questions?
Eduardo Arriols Nuñezeduardo_arriols@innotecsystem.com @_Hykeos
top related