cyber threats on the industrial environment · como pedro por su smart-building author: eduardo...
TRANSCRIPT
![Page 1: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/1.jpg)
Cyber Threats on theIndustrial Environment
Eduardo Arriols Nuñez
![Page 2: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/2.jpg)
1. Cyber Threats
2. Security Research
3. Conclusions
![Page 3: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/3.jpg)
Cyber Threats
![Page 4: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/4.jpg)
¿What is a Cyber Threat?
Everyone know about traditional threats but…
¿How many of you know all the real threats and risks on your company?
![Page 5: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/5.jpg)
Risks associated to IoT
IT Network
Industrial Network
![Page 6: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/6.jpg)
Security Research
![Page 7: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/7.jpg)
1. Introduction
2. Control of the building
3. Organizations affected
4. Post-explotation
![Page 8: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/8.jpg)
1. Introduction
2. Control of the building
3. Organizations affected
4. Post-explotation
![Page 9: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/9.jpg)
![Page 10: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/10.jpg)
![Page 11: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/11.jpg)
![Page 12: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/12.jpg)
Keep It Simple
![Page 13: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/13.jpg)
1. Introduction
2. Control of the building
3. Organizations affected
4. Post-explotation
![Page 14: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/14.jpg)
Building Management System
IntegratorsManufacturers
![Page 15: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/15.jpg)
Find a backdoor: Existence of valid users in the system that werenot in the documentation.
• guest / *****
• test / ****
• demo / ****
1
Attack vector
Read access to BMS: Access to the BMS only with readpermissions.
2
![Page 16: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/16.jpg)
Access to BMS configuration: Access with read permissions tosystem users and their encrypted passwords.
3
Attack vector
![Page 17: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/17.jpg)
Identification of libraries: Access and download of BMS corelibraries with encryption and decryption functions.
4
Attack vector
![Page 18: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/18.jpg)
Password decryption: Simple script for recovering the credentialsobtained before.
5
Attack vector
![Page 19: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/19.jpg)
Access as administrator: Use of users and credentials obtained.6
Attack vector
![Page 20: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/20.jpg)
1. Introduction
2. Control of the building
3. Organizations affected
4. Post-explotation
![Page 21: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/21.jpg)
Location of vulnerable systems
![Page 22: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/22.jpg)
Private companies
![Page 23: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/23.jpg)
Banks
![Page 24: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/24.jpg)
Hospitals
![Page 25: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/25.jpg)
Airports
![Page 26: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/26.jpg)
Industrial companies
![Page 27: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/27.jpg)
Jails
![Page 28: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/28.jpg)
Police departaments
![Page 29: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/29.jpg)
Government buildings
![Page 30: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/30.jpg)
Demo time
![Page 31: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/31.jpg)
1. Introduction
2. Control of the building
3. Organizations affected
4. Post-explotation
![Page 32: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/32.jpg)
More advance actions
Signal alteration
Automation of all actions
Access to industrial network of the building
Access to internal network of company
Launch advanced and targeted attacks on a city
![Page 33: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/33.jpg)
Conclusions
![Page 34: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/34.jpg)
New technology
New threats
Evolution of threats
New securitychecks
![Page 35: Cyber Threats on the Industrial Environment · Como Pedro por su Smart-Building Author: Eduardo Arriols Nuñez Created Date: 5/16/2017 10:54:09 AM](https://reader035.vdocument.in/reader035/viewer/2022070720/5ee0aebdad6a402d666bd40e/html5/thumbnails/35.jpg)
The Red Team exercise is the most specialized intrusion service that simulate a targetedattack from an adversary mindset. The exercises allows the company to identify their globalsecurity level, as well as the level of prevention and protection against targeted threats.
The only way to identify the global security and the Blue Team capabilities
Red Team Operations
DIGITAL SECURITY
SOCIAL ENGINEERING
PHYSICAL SECURITY
OFFENSIVE INTELLIGENCE