![Page 1: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/1.jpg)
16 July 2016
Saturday
ISSA-COS Mini-Seminar
Colorado Technical University
Colorado Springs, CO
Wally Magda, SOHK
WallyDotBiz LLC
How do we keep the lights on when
everyone has access to the switch?
![Page 2: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/2.jpg)
2 WallyDotBiz LLC © 2016
• No animals were harmed in the making of
this presentation!
Industrial Control Systems: How do we keep the lights on…..?
![Page 3: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/3.jpg)
3 WallyDotBiz LLC © 2016
Industrial Control Systems: How do we keep the lights on…..?
![Page 4: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/4.jpg)
4 WallyDotBiz LLC © 2016
• Please put alert generating devices into
silent or vibrate mode if possible
• Be kind to your colleagues; please take
phone conversation out in the hall
Cellphone, BB, PDA Advisory
![Page 5: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/5.jpg)
5 WallyDotBiz LLC © 2016
• The author is not a lawyer and cannot give legal
advice
• The author does not endorse any specific product
or entity
• This presentation is simply the author’s
professional perspective on Industrial Control
Systems (ICS) Cyber and Physical Security
• References used can be found in Helpful Links
section
DISCLAIMER
![Page 6: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/6.jpg)
6 WallyDotBiz LLC © 2016
How do we keep the lights on when the
switch is connected to the internet?
![Page 7: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/7.jpg)
7 WallyDotBiz LLC © 2016
• SCADA overview
• Threat vectors into ICS devices
• Possible consequences once in control
• Horror stories and threat scenarios
• Actions to protect business and customers
AGENDA
![Page 8: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/8.jpg)
8 WallyDotBiz LLC © 2016
SCADA overview
![Page 9: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/9.jpg)
9 WallyDotBiz LLC © 2016
• SCADA
• Supervisory Control and Data Acquisition
o “Typically” deployed across large geographic
area like electric grid or natural gas pipelines
o One type of many systems used to keep the
lights on and energy flowing
SCADA overview
![Page 10: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/10.jpg)
10 WallyDotBiz LLC © 2016
SCADA overview
Typical SCADA Diagram
![Page 11: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/11.jpg)
11 WallyDotBiz LLC © 2016
SCADA overview
Alphabet soup--Lots of acronyms for similar systems/devices
We shall choose one for purposes of this presentation
![Page 12: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/12.jpg)
12 WallyDotBiz LLC © 2016
• ICS
• Industrial Control System
o Broad set of control systems
o General term that encompasses all
SCADA overview
![Page 13: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/13.jpg)
13 WallyDotBiz LLC © 2016
SCADA overview
![Page 14: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/14.jpg)
14 WallyDotBiz LLC © 2016
SCADA overview
![Page 15: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/15.jpg)
15 WallyDotBiz LLC © 2016
SCADA overview
![Page 16: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/16.jpg)
16 WallyDotBiz LLC © 2016
SCADA overview
• Typical ICS system found in many homes…
![Page 17: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/17.jpg)
17 WallyDotBiz LLC © 2016
SCADA overview
Temperature Display
Cold Air Hot Air
Heat Exchanger Burner & Blower
Thermostat to set desired temp
Natural Gas Valve
Igniter/Pilot
Blower
Turn on/off Gas
House temperature
Heat loss from home
Natural Gas BTU Heat Content
Teenager
LED/iPhone/Dial-up
Typical Home Heating System
![Page 18: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/18.jpg)
18 WallyDotBiz LLC © 2016
• HVAC
• PACS
• Manufacturing
• Vehicles
• Airplanes
• Sprinkler/Irrigation
• Pharmaceutical--Remote drug injection
• Pacemakers
SCADA overview
![Page 19: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/19.jpg)
19 WallyDotBiz LLC © 2016
Threat vectors into ICS devices
![Page 20: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/20.jpg)
20 WallyDotBiz LLC © 2016
Threat vectors into ICS devices
FUDThe Good
The Bad
The Ugly
![Page 21: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/21.jpg)
21 WallyDotBiz LLC © 2016
Threat vectors into ICS devices
!!!! This ain’t FUD !!!!
![Page 22: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/22.jpg)
22 WallyDotBiz LLC © 2016
Threat vectors into ICS devices
![Page 23: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/23.jpg)
23 WallyDotBiz LLC © 2016
Threat vectors into ICS devices
ISSSource.com about a report from Rockwell Automation
about a ransomware attack from a file being made
available on the internet (no source given) called
‘Allenbradleyupdate.zip’ (April 2016)
![Page 24: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/24.jpg)
24 WallyDotBiz LLC © 2016
Threat vectors into ICS devices
![Page 25: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/25.jpg)
25 WallyDotBiz LLC © 2016
Threat vectors into ICS devices
![Page 26: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/26.jpg)
26 WallyDotBiz LLC © 2016
Threat vectors into ICS devices
![Page 27: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/27.jpg)
27 WallyDotBiz LLC © 2016
Threat vectors into ICS devices
![Page 28: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/28.jpg)
28 WallyDotBiz LLC © 2016
Threat vectors into ICS devices
Interdependencies
![Page 29: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/29.jpg)
29 WallyDotBiz LLC © 2016
Threat vectors into ICS devices
![Page 30: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/30.jpg)
30 WallyDotBiz LLC © 2016
• Generation--coal, natural gas, oil, hydro,
geo-thermal, wind, solar, steam, nuclear
o Mix of natural gas exceeds 50%
o No gas, no fuel supply, no electricity
o Rinse, Lather and Repeat
• Cyber attack can easily shut it down
Threat vectors into ICS devices
![Page 31: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/31.jpg)
31 WallyDotBiz LLC © 2016
![Page 32: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/32.jpg)
32 WallyDotBiz LLC © 2016
Threat vectors into ICS devices
• FTP
• Telnet
• SNMPv1 (v3 available for 14 years)
• Firewall misconfiguration
• VLAN misconfiguration
• Wireless (MIJI)
• Spearphishing
![Page 33: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/33.jpg)
33 WallyDotBiz LLC © 2016
Threat vectors into ICS devices
Sneaker Net
![Page 34: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/34.jpg)
34 WallyDotBiz LLC © 2016
Threat vectors into ICS devices
• Social Engineering
![Page 35: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/35.jpg)
35 WallyDotBiz LLC © 2016
Possible consequences once in control
![Page 36: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/36.jpg)
36 WallyDotBiz LLC © 2016
Possible consequences once in control
Smart Grid home monitoring; connected to internet
![Page 37: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/37.jpg)
37 WallyDotBiz LLC © 2016
Possible consequences once in control
![Page 38: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/38.jpg)
38 WallyDotBiz LLC © 2016
Possible consequences once in control
• Project Aurora 2.25 MW generator (2007)
• Remote cyberattack destroys generator
![Page 39: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/39.jpg)
39 WallyDotBiz LLC © 2016
Possible consequences once in control
• Let the smoke out and it stops working!
![Page 40: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/40.jpg)
40 WallyDotBiz LLC © 2016
Possible consequences once in control
• Not to be confused with Operation Aurora• 2010 hack stealing Intellectual Property
• 2003 Northeast electric grid outage, situational
awareness lost in Ohio when computer systems
slowed down
• Not a hack but was contributing cyber component
![Page 41: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/41.jpg)
41 WallyDotBiz LLC © 2016
Possible consequences once in control
• Ping sweep causes robotic arm to swing wildly
• Ping caused IC fab plant to hang
• $50,000 worth of wafers destroyed
• IT performing pen test on corporate network
• Unintentionally stumbles into SCADA
• Locks up gas pipeline SCADA
• 4 hours gas service shutdown
![Page 42: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/42.jpg)
42 WallyDotBiz LLC © 2016
Possible consequences once in control
Feb 2016
![Page 43: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/43.jpg)
43 WallyDotBiz LLC © 2016
Horror stories and threat scenarios
![Page 44: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/44.jpg)
44 WallyDotBiz LLC © 2016
Horror stories and threat scenarios
Top 3
Public Enemies
Electric
![Page 45: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/45.jpg)
45 WallyDotBiz LLC © 2016
Horror stories and threat scenarios
![Page 46: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/46.jpg)
46 WallyDotBiz LLC © 2016
Horror stories and threat scenarios
AIR GAP
International Space Station (ISS)
![Page 47: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/47.jpg)
47 WallyDotBiz LLC © 2016
• Houston! Windows Has Problems
o 2008-Password Stealing Virus Infects Space
Station Laptops (W32.Gammima.AG)
o Not the first time
o Payload laptops do NOT provide virus
protection/detection software
Horror stories and threat scenarios
![Page 48: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/48.jpg)
48 WallyDotBiz LLC © 2016
• NASA assures astronauts flight control
systems were not in danger
o But to be safe….
o Migrates all the computer systems related to
the ISS over to Linux for
Security
Stability
Reliability reasons
o Mistaken belief that Linux has no vulns
Horror stories and threat scenarios
![Page 49: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/49.jpg)
49 WallyDotBiz LLC © 2016
Horror stories and threat scenarios
![Page 50: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/50.jpg)
50 WallyDotBiz LLC © 2016
• 787 vulnerable to hackers
o Common Core System (CCS)
o Saves weight—less line units
o Wireless computer controls
o FAA raised security concerns
o Boeing claims they have addressed issues
o Maintenance crews--wireless laptops
Horror stories and threat scenarios
![Page 51: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/51.jpg)
51 WallyDotBiz LLC © 2016
• Airports and airlines considered CI
• Airlines do not have to report cyber attacks
• Senator queries air industry about aircraft
cybersecurity defenses
• Oh my!!!!
o Hack-able cars at risk in a cyber attack
o Navigation, Wi-Fi, Bluetooth, cellular
o Brakes & steering on Bluetooth!!!!
Horror stories and threat scenarios
![Page 52: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/52.jpg)
52 WallyDotBiz LLC © 2016
• Stuxnet via sneakernet (June 2010)
o Natanz Fuel Enrichment Plant
o Digitally Signed malware
o HMI spoofed (operator intuition)
o Slow attack under radar
o Destroy centrifuges
• Variants out in wild
Horror stories and threat scenarios
![Page 53: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/53.jpg)
53 WallyDotBiz LLC © 2016
o Stuxnet infected Chevron’s IT Network (Nov 8,
2012)
o TELVENT hit by sophisticated cyber attack
SCADA admin tool compromised (Sep 26,
2012)
Telvent supplies remote admin and monitoring tools
Intelligent transportation systems, train, metro, traffic
lights
Warns customers of advanced persistent threat!!!!
Horror stories and threat scenarios
![Page 54: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/54.jpg)
54 WallyDotBiz LLC © 2016
Horror stories and threat scenarios
• Power generation facility
• Malware discovered USB drive
• Two engineering workstations
• No backups
![Page 55: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/55.jpg)
55 WallyDotBiz LLC © 2016
Horror stories and threat scenarios
• Turbine control system
• Scheduled outage for maintenance
• Third party tech USB for uploads
• Mariposa botnet virus discovered USB drive
• Delayed restart 3 weeks = $$$$$
![Page 56: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/56.jpg)
56 WallyDotBiz LLC © 2016
Horror stories and threat scenarios
• Use case (optional) ICS-Cert Advisory (ICSA-10-090-01), revised 2014
o USUTIL2 notifies USUTIL1 of malware employee
o Instructor shared at industry conference
o Mariposa botnet-trojan
Username/passwords
o USUTIL1 malware tools did not detect
o Windows system-still spreading but can’t phone home
o Command & Control (C2) callbacks
hnox.org, socksa.com, ronpc.net
Initial contact 49 bytes, UDP 21039
![Page 57: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/57.jpg)
57 WallyDotBiz LLC © 2016
Horror stories and threat scenarios
• Netherland
o Dike controls on internet--Shodan
o Veere county admin using password “Veere”
o Server running SunOS 5.8 not patched for 6
years
![Page 58: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/58.jpg)
58 WallyDotBiz LLC © 2016
Horror stories and threat scenarios
• Netherland
o New low—Bavaria Beer Brewer site hacked
o Large electronics company hacked
o Dutch gov lost cyber security incident database
Backup tapes could not be read anymore
![Page 59: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/59.jpg)
59 WallyDotBiz LLC © 2016
Horror stories and threat scenarios
Courtesy of SHODAN
![Page 60: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/60.jpg)
60 WallyDotBiz LLC © 2016
Horror stories and threat scenarios
•FUD
•Hacktivists
•Specialized Search Engines
• (SHODAN, SHINE, ERIPP)
•Exploitation Tool Kits
![Page 61: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/61.jpg)
61 WallyDotBiz LLC © 2016
Horror stories and threat scenarios
• 2012 Chines Hackers gain access to
NASA’s Jet Propulsion Lab
• Saudi Aramco Attack; 30,000+ computer
systems data wiped (Shamoon-sneakernet)
• 400% increase vuln reports since 2010
• Major spearphishing campaign US Oil &
Natural Gas Pipelines
![Page 62: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/62.jpg)
62 WallyDotBiz LLC © 2016
Horror stories and threat scenarios
![Page 63: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/63.jpg)
63 WallyDotBiz LLC © 2016
Horror stories and threat scenarios
Tuesday, April 16, 2013, 1:30 AM PDTFlashes lower left show round hitting fence
Metcalf
Substation
![Page 64: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/64.jpg)
64 WallyDotBiz LLC © 2016
Web site encouraging followers to initiate “electronic jihad.”
![Page 65: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/65.jpg)
65 WallyDotBiz LLC © 2016
![Page 66: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/66.jpg)
66 WallyDotBiz LLC © 2016
![Page 67: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/67.jpg)
67 WallyDotBiz LLC © 2016
• ICS cyber attack scenario (INL)
o Malicious code embedded in a PowerPoint
presentation--corporate domain
o Opens a covert channel from the victim’s
computer through the corporate firewall to the
attackers on the internet
o Hijack sessions between the corporate domain
and the ICS domain
Horror stories and threat scenarios
![Page 68: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/68.jpg)
68 WallyDotBiz LLC © 2016
o Took control of pumps to overflow tanks
o Operator screens show all systems running
normally
Horror stories and threat scenarios
![Page 69: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/69.jpg)
69 WallyDotBiz LLC © 2016
• Vast majority of hacking incidents go unreported
o Inability to detect attacks
o Reasons of security
o Avoid embarrassment
o Affect stock prices
o Affect CEO ROI
Horror stories and threat scenarios
![Page 70: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/70.jpg)
70 WallyDotBiz LLC © 2016
Actions to protect business and
customers
![Page 71: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/71.jpg)
71 WallyDotBiz LLC © 2016
Actions to protect business and
customers
Regulate the heck out of it!!!!
![Page 72: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/72.jpg)
72 WallyDotBiz LLC © 2016
• Can’t afford to protect everything
o Cost of doing nothing can be much greater
o Regulatory and safety not negotiable
• Human Safety is PARAMOUNT
o Employees and Citizens
• Protect equipment if possible
o Not necessarily cost—lead time to replace
Actions to protect business and
customers
![Page 73: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/73.jpg)
73 WallyDotBiz LLC © 2016
Security Triad
Actions to protect business and
customers
![Page 74: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/74.jpg)
74 WallyDotBiz LLC © 2016
• You may be caught in the middle
o Corporate and Operational wall coming down
o IT and OT Converging
o Physical Security and Logical Security
converging
o Exciting, challenging and downright scary
• Do the basic Security 101 stuff
Actions to protect business and
customers
![Page 75: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/75.jpg)
75 WallyDotBiz LLC © 2016
• Defense-in-depth approach
• Redesign network layouts
• Validate integrity of downloads/updates/patches
• Deploy security patches AFTER testing
• Work with vendor and control systems engineer
• Restrict physical access (Physical Security)
o One mouse can bring down the kingdom!
Actions to protect business and
customers
![Page 76: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/76.jpg)
76 WallyDotBiz LLC © 2016
![Page 77: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/77.jpg)
77 WallyDotBiz LLC © 2016
• Restrict physical access (Physical Security)
o Really now!!!
o What is wrong with this picture?
Actions to protect business and
customers
![Page 78: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/78.jpg)
78 WallyDotBiz LLC © 2016
Actions to protect business and
customers
![Page 79: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/79.jpg)
79 WallyDotBiz LLC © 2016
Actions to protect business and
customers
• Good solution but…..
• Logging is a problem
• Daily clean up required
• Insurance
![Page 80: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/80.jpg)
80 WallyDotBiz LLC © 2016
Actions to protect business and
customers
WARNINGI CAN MAKE IT TO THE FENCE IN 2.8 SECONDS
CAN YOU?
![Page 81: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/81.jpg)
81 WallyDotBiz LLC © 2016
• Customize traditional security for ICS environment
• Least privilege (including vendor)
• Password management (including vendor)
• Account management (including vendor)
• VPN-two factor (including vendor)
• Who is taking care of HVAC?
• What about building monitoring systems?
Actions to protect business and
customers
![Page 82: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/82.jpg)
82 WallyDotBiz LLC © 2016
• Account lockout policy- (including vendor)
• Caution!!! Do not lock out the operator
• Application White listing
• Data diodes
• Current application updates
• Separation of duties
• Consider managed security services (MSS)
• Your core business is not IT security
Actions to protect business and its
customers
![Page 83: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/83.jpg)
83 WallyDotBiz LLC © 2016
• Assume you will be hacked and lose everything
• Ransomware = Game over!!!
• Detect, contain, mitigate and investigate
• PICERL
• NIST SP 800-61r2
• Build in Resilience and Continuity of Operations
• Do you have readily available & usable backup media?
• Automate where it makes sense
• Repeatable
• Minimize human error
Actions to protect business and its
customers
![Page 84: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/84.jpg)
84 WallyDotBiz LLC © 2016
Actions to protect business and its
customers
![Page 85: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/85.jpg)
85 WallyDotBiz LLC © 2016
Actions to protect business and its
customers
![Page 86: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/86.jpg)
86 WallyDotBiz LLC © 2016
Actions to protect business and its
customers
![Page 87: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/87.jpg)
87 WallyDotBiz LLC © 2016
Actions to protect business and its
customers
![Page 88: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/88.jpg)
88 WallyDotBiz LLC © 2016
Actions to protect business and its
customers
• What about the supply chain?
![Page 89: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/89.jpg)
89 WallyDotBiz LLC © 2016
Actions to protect business and its
customers
![Page 90: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/90.jpg)
90 WallyDotBiz LLC © 2016
• ICS security testing adverse effects
• Tools & Scans can cause machines to fail
• Serious and drastic consequences
o People can suffer serious injury or be killed
o All security testing must be well planned,
thought out and communicated to all business
units involved
• Cyber security testing can be done if planned out
eg… tcpdump, netstat, wmic….
Summary
![Page 91: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/91.jpg)
91 WallyDotBiz LLC © 2016
• SCADA overview
• Threat vectors into ICS devices
• Possible consequences once in control
• Horror stories and threat scenarios
• Actions to protect business and customer
Summary
![Page 92: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/92.jpg)
92 WallyDotBiz LLC © 2016
Helpful Links (retrieved 12 July 2016)
![Page 93: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/93.jpg)
93 WallyDotBiz LLC © 2016
• Guide to Industrial Control Systems (ICS) Security NIST
SP 800-82o http://dx.doi.org/10.6028/NIST.SP.800-82r2
• DHS ICS-CERTo https://ics-cert.us-cert.gov/
o https://ics-cert.us-cert.gov/advisories/ICSA-10-090-01
• Executive Order 13636: Cybersecurity Framework o http://www.nist.gov/cyberframework/
o http://www.nist.gov/cyberframework/upload/Workshop-Summary-2016.pdf
Helpful Links (retrieved 12 July 2016)
![Page 94: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/94.jpg)
94 WallyDotBiz LLC © 2016
• Common Cyber Security Vulnerabilities in Industrial
Control Systemso https://ics-cert.us-cert.gov/content/overview-cyber-vulnerabilities
• Seven Strategies to Defend ICSo https://ics-cert.us-cert.gov/sites/default/files/documents/Seven Steps to Effectively
Defend Industrial Control Systems_S508C.pdf
• 21 Steps to Improve Cyber Security of SCADA Networkso http://www.oe.netl.doe.gov/docs/prepare/21stepsbooklet.pdf
• Defense in Depth Strategieso https://ics-cert.us-
cert.gov/sites/default/files/recommended_practices/Defense_in_Depth_Oct09.pdf
Helpful Links (retrieved 12 July 2016)
![Page 95: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/95.jpg)
95 WallyDotBiz LLC © 2016
• Supply chaino https://ics-cert.us-
cert.gov/sites/default/files/documents/Procurement_Language_Rev4_100809_S508
C.pdf
o http://www.energy.gov/sites/prod/files/2014/04/f15/CybersecProcurementLanguage-
EnergyDeliverySystems_040714_fin.pdf
o https://ics-cert.us-
cert.gov/sites/default/files/documents/CatalogofRecommendationsVer7.pdf
o http://www.ferc.gov/media/news-releases/2015/2015-3/07-16-15-E-1.asp
• Digital Bondo http://www.digitalbond.com
Helpful Links (retrieved 12 July 2016)
![Page 96: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/96.jpg)
96 WallyDotBiz LLC © 2016
• Stuxnet, Duqu, Flame, Gaussso http://arstechnica.com/security/2013/03/the-worlds-most-mysterious-potentially-
destructive-malware-is-not-stuxnet/
o http://spectrum.ieee.org/telecom/security/the-real-story-of-stuxnet
• DHS ICS-CERT Cyber Security Evaluation Toolo https://ics-cert.us-cert.gov/Assessments
Helpful Links (retrieved 12 July 2016)
![Page 97: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/97.jpg)
97 WallyDotBiz LLC © 2016
• ICS-CERT Trainingo https://ics-cert.us-cert.gov/Training-Available-Through-ICS-CERT
o https://ics-cert.us-cert.gov/Training-Available-Through-ICS-CERT#workshop
• ISA99 Industrial Automation and Control Systems
Security-ISA/IEC 62443o http://isa99.isa.org/ISA99%20Wiki/Home.aspx
o https://www.isa.org/training-and-certifications/isa-certification/isa99iec-
62443/isa99iec-62443-certificate-program-requirements/
o https://www.isa.org/templates/two-column.aspx?pageid=121797
• SANS ICSo http://ics.sans.org/
o http://www.sans.org/course/ics-scada-cyber-security-essentials
Helpful Links (retrieved 12 July 2016)
![Page 98: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/98.jpg)
98
Questions?
![Page 99: How do we keep the lights on when everyone has access to ... · 7/16/2016 · • Redesign network layouts • Validate integrity of downloads/updates/patches • Deploy security](https://reader034.vdocument.in/reader034/viewer/2022042415/5f2fd11f7e611d4d193bbd7b/html5/thumbnails/99.jpg)
99 WallyDotBiz LLC © 2016
How do we keep the lights on when the
switch is connected to the internet?
Thank You!