Download - Industrial Security Poster
0111001110101101101010101001110101
1
1011
0 0
010
0
01
0
101
0 1 01
01
01
01
10
01
1
01
1 0
111
1
101
1
101
0
101
1 00
1
11
01
11
01
1
10
0 1
01
0 1 0 0
11
10
01
11
01
1
01
1 0 1
01
0 0
10
0 0 01
11
0 0 0 1 1 1 0 1 11
00
11
0 1 1 1 0 1
01
0 11
00
01
11
1
01
1
01
1
01
1 0 1
01
0 01
10
00
1
00
01
0 1 0
1
0 0 1
01
1
01
11
01
111
10
101
1
101
0
101
1 0
1
1
101
1
101
1
010
00
10
101
01
1
1 0
1
0
1110101
0
1
HACKER TYPES
BLACK HATCriminal intent,elite training,experts in their fi eld.
GRAY HATWant to make people aware of security loopholes, operate in a legal gray area.
WHITE HATNo criminal motivation,searching for security loopholes,considered security researchers.
WHAT TYPES OF HACKER ARE THERE?
010010100101010111010100100100
010101101010101011010101010001
001010010101011101010010010001
010110101010101101010101000100
101001010101110101001001000101
011010101010110101010100010010
100101010111010100100100010101
WHICH TOOLS AND TECHNIQUES DO POTENTIAL HACKERS USE?
From smartphones in the production environment, extranet and/or cloud
components
COMPROMISATION
EXPLOITATION OF EXTERNAL ACCESS
For example, by means of remote maintenance systems,
or networking with suppliers or consumers
Unauthorized access to information or to the technical infrastructure,
for example due to personal contact or internal sabotage
SOCIAL ENGINEERING OR HUMAN ERROR
The attackers’ toolbox
Office networks, intranet and/or external hardware captured via the Internet
INFECTION WITH MALWARE
TECHNOLOGYUnencrypted protocols
Access to data and processes via smartphone
Outdated software systems anda lack of security updates
Control components directly connected to the Internet
Non-secure exchange of datainside the business networks
Connections for remote maintenance systems
ORGANIZATIONUnsecured confi gurations of network components (routers, fi rewalls, switches, etc.)
Insuffi cient patch management
Insuffi cient awareness of and too little expertise in IT securityin the company
WHAT POTENTIAL WEAK POINTS DOES MY COMPANY HAVE?
HUMANUnauthorized access to sensitive areasof equipment, switching cabinets,network components
Unauthorized access to production data
Careless use of the IT system
What standards &
guidelines are there?
Outdated software systems andOutdated software systems anda lack of security updatesa lack of security updates
Control components directly connected to the Internet
Non-secure exchange of datainside the business networks
WHAT TYPES OF HACKER ARE THERE?
What standards &
guidelinesare there?
guidelinesare there?
guidelinesConnections for remote maintenance systems
What standards &
guidelinesare there?
guidelinesare there?
guidelinesinside the business networks
Connections for remote maintenance systems
What standards &
guidelines are there?
guidelinesare there?
guidelinesstandards &
guidelinesare there?
guidelinesare there?
guidelines are there? ...
0000
0
0
000
0
0
1110110100101110101
1010101001
01110
1011
010101
101110
1011
111010
1
1011110
01011
1010100
010101
1100
1010
1010
1110
11101
01010
10011
001
01
0111010101
01011
0111010101
111110101
1110101010
111110101
0101010101
1101110100
1001101
1101110101
10011110101
1110101101
10011110101
1110100101
0111110101
1010101001
011001
0111010011
111110101
1001010100
1001101
1010100101
011
0101010100
1001101
0111011101
0001101110101
0111010101
111110101
1011101010
001110101
0000111110
001110101
1110110100
10101
1010101001
01
0111010101
11101011
0101010000
101
1011101110
011101011
1110101010
110101
1011110101
1011101011
1010100101
01
010101001
0101
110010100
1110101
1010010
01
1010
01
11
0101110101
11
100101110101
01
011100111010
10
001010100101110101
01
001011101011
01
0101110101
1110101
011110101
01010101
110111010
10101
1101110101
101110101
1110101101
101110101
1110100101
01110101
1010101001
0101
0111010011
1110101
1001010100
10101
1010100101
01
0101010100
10101
0111011101
00101110101
0111010101
1110101
1011101010
001110101
0000111110
001110101
1110110100
10101
1010101001
01
0111010101
11101011
0101010000
101
1011101110
011101011
1110101010
110101
1011110101
1011101011
1010100101
01
0101010010
0101
1100101000
110101
1010010111
1010010111
1110101010
110101
1110101010
110101
01010
10011
101
01110
01110
11101
01010
11011
11011
1
11101
1
11101
10101
01110
10010
10101
0101010100101110101
0111011101010100101110101
AM I AN INTERESTING TARGET FOR ATTACK?
DATA CAN BE STOLEN.EQUIPMENT CAN BE MANIPULATED.
01
1 01
01
1
0111
111001
010111
0101010
01110101
01010100101110101
10101001011110101
0101011
110100101110101
11010101001011101
10110101001011101
10010101010111010
10100101110101
01001100101110101
010100101110101
1001011101010
10
01
11 0
1 00 0
010
01110101
10101001011101
100001110101
01110100101110
1010010111010
01010100101110
0101110101
0
01
EQUIPMENT CAN BE MANIPULATED.
1110101
110101
00010111010
11101
EQUIPMENT CAN BE MANIPULATED.1EQUIPMENT CAN BE MANIPULATED.11EQUIPMENT CAN BE MANIPULATED.1
110101
01110101
1 1
00
11 0
1
01
0 01 1
1
010
01010
00101
0101
1010100
101010
1110
1100
0 1
1
0101
0000
1110
1101 0 0
1
111
010
010
101
THE PRIMARY CAPITAL OF MY COMPANY IS …
DOES IT AFFECT ME?
The gates of the production facilities are open.
Can unauthorized people easily gain access?
The gates of the production facilities are open.
The gates of the production facilities are open. I use mobile devices.
Are they used to access production data?
I am networked to my external customers and suppliers.
Are these connections secured appropriately?
My colleagues in production work with PCs.
Are there guidelines, relating to password creation,
for example?
My colleagues in production My colleagues in production My colleagues in production
Production IT and offi ce IT are two different systems.
How is the data exchanged between them?
Production IT and offi ce IT areProduction IT and offi ce IT areProduction IT and offi ce IT areProduction IT and offi ce IT areProduction IT and offi ce IT are
PCs are connected to the Internet.
How can I protect them from malware?
PCs are connected to the Internet.
PCs are connected
How can I protect them How can I protect them
1
to the Internet.to the Internet.
How can I protect them How can I protect them
PCs are connected PCs are connected to the Internet.to the Internet.
PCs are connected PCs are connected
UPDATES
In my company, widely-distributed
software licenses are used.
Is there an effective software update policy
to minimize security vulnerabilities?
QUALITY, PERFORMANCE, AVAILABILITYSensitive processes that could lead to considerable damage if they malfunction.
KNOW-HOWKnowledge that could be interesting to third parties.
111001110101101101010101001110101
10101000011100101011101010100101110
100
01
100
111
011
101
011
011
101
1
111
101
101
101
101
101
000
101
101
101
101
0
111
010
000
110
100
110
011
110
101
001
010
110
101
001
011
000
100
111
011
11
000
110
100
101
111
101
100
100
01
01
101
111
101
101
101
000
101
101
111
00
100
011
101
001
110
101
001
011
000
10
111
011
111
000
110
100
101
111
101
10
100
011
011
101
111
101
101
101
000
101
101
101
101
0
111
010
000
110
100
110
011
110
101
001
010
110
011
101
011
001
111
011
101
000
110
100
010
111
1
01111010110111011010101010010111010
11110000111011011011101110101010010
01
10
10
01
0 1 1 1 0 0 1 1 1 0 0 0 1 1 1 0 0 1 1 1 1 1 1 1 0 1 1 1 0 0 1 1 1 0 1 1 1 0 0 1 1 1 0 0 0 1 1 1 0 0 1 1 1 1 1 1
101
101
011
011
111
1 0 0 0 0 1 1 000 1 0 0 0 0 1 DOES IT AFFECT ME?10
1 1 11
10
10
10
1 10
01
01
10
1 1 11
10
10
10
1 10
01
01
10DOES IT AFFECT ME?
1 0 0 1 1 1 0 0 0 1 1 1 0 0 1 1 1 1 1 1 1 0 1 1 1 0 0 1 1 1 0 1 1 1 0 0 1 1 1 0 0 0 1 1 1 0 0 1 1 1 1
101
110
010
1 010
010
110
011
011
010
1 110
01
111
101
011
1 101
101
101
101
0 010
110
110
110
010
011
011
111
101
110
010
1 010
010
110
011
011
010
1 110
01
111
101
011
1 101
INDUSTRIAL