The cyber security for the protection of integrated ICT and SCADA systems
© General Dynamics Mission Systems. All rights reserved. 1
June 14th, 2018
Filippo Silvestri
BD & Sales Manager
GD General Dynamics Page Europa
ACHEMA 2018: Cyber Security – why and how
Introducing GD and PAGE Europa
GD Mission Systems
• Employees: 12,500
• Facilities: 113
• Countries: 27
• Customer service 24/7
GD Corporation
• Employees: 90,800
• About US$ 32 Billion Revenues
Turn Key Systems Integration
Services
Telecoms, Security & IT Systems
Design, Engineering, Procurement, Integration, Validation, Test & IFAT, On‐Site Installation ‐ Activities & Services, Maintenance, Training & Technical Support
Customer Benefits
SINGLE INTERFACE & SINGLE SOURCE of RESPONSIBILITY for Engineering, Procurement & Delivery of several multi‐disciplinary fully integrated systems
REDUCED RISKS
PRICE EFFECTIVE Projects
DELIVERING “Right First Time”, ON‐TIME & ON‐BUDGET
PAGE Europa Offer
Page Europa Main customers
• Port & Airport Authorities: Dubai & Abu Dhabi (UAE), Oman, Italy, Kingdom of Saudi Arabia
• Oil & Gas Companies: QP (Qatar), Ras Gas (Qatar), BP, SHELL, ExxonMobil, ENI, NESTE OIL, ADCO (UAE), AGIP KCO (Kazakhstan), KPO (Kazakhstan), SONATRACH (Algeria), Anadarko (Algeria), SABIC‐YANBU (KSA), PDO (Oman), SCOP (Iraq)
• Ministries of Interior/Defence & Government Agencies: Turkey, Poland, Portugal, Germany, The Netherlands, Greece, UK, Norway, Belgium, UAE, Italy, Albania
• EPC & PMC Contractors: PETROFAC, KBR / KELLOGG, AMEC, WorleyParsons, FLUOR, CB&I, JGC, HYUNDAI HI, AKER KVAERNER / SOLUTIONS, BECHTEL, TECHNIP, SAIPEM / SNAMPROGETTI
• NATO Agencies: NCIA, NC3A, NAMSA, NACMA, SHAPE, AF South, AF Cent, AF North
Ver 2016.01.20 © General Dynamics Mission Systems. All rights reserved. 6
On‐Shore Security Control Room
Harbor Master Control Room
Khalifa Port (UAE)
• 450 km of FO Cable
• 105 wireless LAN access points
• 70 network switches
• 230 Access control points
• 34 Security Gates
• 350 CCTV Cameras
• 200 UPS Systems
• 400 km PIDS
Page Europa prime contractor for Security & Telecom Systems
BP Khazzan Gas (Oman)
Next Generation Security Systems
[Diagram: System of Systems, Sensor & Sub‐Systems Agnostic]
Sensor & Sub Systems: Panic Button, RADAR, PIDS, Fire\Smoke, Water, HR, Access Control, Environmental Monitoring, Parking, VMS System
Platform Infrastructure: Site Manager, DB Manager, User Manager, Work Force Manager, Report Generator, …
IT/OT Integration, Correlation, Analytics, Smart Prediction, Rules Engine, Procedure Manager, Simulation Manager
Mobile Team App, User App, Manager Dashboard, Department Situation Management
Command & Control
Situation Management
Refinery: one holistic system
[Diagram: REFINERY SECURITY SYSTEM at the centre, connected to security systems, external systems and users]
Security Systems: Physical Identity & Access Management, Screening Device, Visitors management, Electronic Fence, VMS and Analytics, Fire alarm, Social media
External systems: SCADA, Master HR, Attendance Systems, Health Monitoring, RIL GIS
Users: Local Management, Security/Safety Personnel, Executive Management, Mobile App Guard/Patrol, Web Client
Information exchanged:
• Access Events & Alarms
• Emergency alarm – using attached manual alarm button
• Alerts & Warnings
• Alerts from Production sensors
• Employee Information
• Site layouts, Geo Located information
• Location, task, status, panic button, photo/video
• Intrusion Indication
• Emergency alert
• Video, alerts
• Fire Alerts
• Social Media Alerts
• Disaster mngmt - Fire alarm, Flooding alarm
• Alarms
• Status of connected systems
About subject…
Vulnerabilities by ICS Component Types
In recent years, the most vulnerable Industrial Control Systems components were HMI (Human Machine Interface), Electric Devices and SCADA systems. The “Electric Device” category consists of distance protection devices, gas detectors, pumps, power analyzers, recloser control and relay platform units.
The graph shows the vulnerability severity distribution for different types of ICS components.
(Kaspersky Lab, ICS Vulnerabilities Statistics)
Rapid Digital growth
• 15B devices today
• 50B in 2020
• 500B in 2030
Incidents – Chronological Perspective
Industry 4.0
Industrial IoT TRUSTWORTHINESS
Traditional security vendors are dependent on signature-based technology. Their research teams explore cyberspace and catalog threats, attack vectors, vulnerabilities, signatures, and other techniques to learn how attackers think and design their attacks. Vendors then push regular updates out to their customers, designed to alert when they recognize a familiar threat pattern. This concept of "blacklisting & shipping" is, in fact, a losing war, as it cannot deal with what is unknown.
Next came the next-generation technologies: decoy honeypots, containment, behavioral detection, machine learning and artificial intelligence. Additional technologies focused on detecting threats via their attack vector. Yet the threats continue to get through, bypassing security technologies layer by layer, until reaching their final destination: endpoints and servers. Once the malware reaches its destination, the damage stage of the attack begins: deleting files, altering data, data exfiltration or data encryption.
Cyber Security evolution – It’s a hard challenge
A new security paradigm seems to be the solution: one that prevents any future threat without having to know anything about that threat.
It is a solution designed on the following assumptions:
1. The attacker will eventually find a way to bypass all security means;
2. The threats are already inside, undetected.
Relying on a map of the operating system's behavioral patterns, it distinguishes between “good” and “bad” actions, detecting and preventing any malicious activity, regardless of the threat type, attack vector and origin.
The solution
The biggest challenge in today’s digital era is to effectively deal with both current and future threats - while knowing nothing about them.
ABOUT NYOTRON
[Timeline: Founded in Israel, NSRC Established, First Patents, First Product Ships, US HQ Established, Global War Room; years shown: 2012, 2013, 2014, 2015, 2016]
• Employees Worldwide: 50
• 2 Offices in USA and Israel
THE EVOLUTION OF SECURITY
• THE KNOWN: Traditional AV
• THE KNOWN UNKNOWN: Next Gen Technologies
• THE UNKNOWN UNKNOWN: Threat-agnostic Defense
THE COST OF ATTACKS
• $8.6M: cost of attack per company
• $500B: cost of global cyber activity
• 1 new threat per second
• 90% of enterprises contain malware in their network
E-MAIL, BAD USB, BROWSING, UNKNOWN
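THE INVESTMENT PARADOX
[Diagram: security technologies arranged between Perimeter and Endpoint, around "Your data"; figures shown: 80%, 20%]
Technologies shown: Firewalls, NAC, Proxy, Web Filtering, Sandbox, AntiBot, Application control, DDoS, SMTP AV, File sanitation, IPS, WAF, Anti spam, SSL Inspection, Decoy, AV, HDLP, HIPS, DLP, IDS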
Paranoid: Threat-agnostic Defense ™
Protects Your Data Regardless of Type of Threat or Attack Vector
Effectiveness Doesn’t Rely on Prior Knowledge About the Threat
Assumes Threats are Already Inside or Will Bypass Security Layers
Acts as Last Line of Defense
Holistic Approach - Detect. Prevent. Respond. Analyze.
THE NYOTRON DIFFERENCE
Threat-agnostic Defense ™ Approach
[Diagram: four numbered stages (1. Attack Method, 2. Payload, 3. Infection, 4. Damage), marked LIMITED and INFINITE]
Attack methods listed: Drive By Download, Buffer Overflow, Cross-Zone Attack, Heap Spray, Privilege Escalation, Cross-Site Scripting, Symbolic Link Race, Metamorphic Code, DLL Hijacking, Format Strings, Macros, Polymorphic Code, Click Jacking, Buffer Overrun
Also listed: File System, Network, Registry, Process Management
Behavior mapping technology (BPM)
[Diagram: File Deletion, with actions labelled GOOD and BAD]
INDEPENDENT PERFORMANCE REPORT JULY 2016
“Nyotron Paranoid solution is focused on zero-day attacks prevention when all other protection measures were exhausted”.
100% of the tested ransomware were not able to cause damage to data.
100% of the tested malwares were not able to cause any damage.
Paranoid system could handle 1000 simultaneous threats.
No performance or user experience issues were detected.
Operational & BUSINESS MODELS
CHOOSE YOUR MODEL
1. YOU MANAGE
2. WE MANAGE
3. PARTNER (MSSP)
OPERATIONS VIEW, FORENSICS VIEW, INCIDENT VIEW
ACTIVITY MANAGEMENT, MONITORING & ALERTING, CRISIS RESPONSE, INTELLIGENCE
GLOBAL WAR ROOM
We have a great success with Paranoid as a service. Nyotron’s Global War Room center is helping us through detection and remediation handling. Acknowledging the fact that our traditional security means, such as Anti-Virus and Firewall systems, cannot protect against Zero-day attacks and APTs, it is a fact that our security posture went up by having Paranoid on board…
CISO, Major US Law Enforcement Agency
NYOTRON endpoint protection PLATFORM
Three ways to get Threat-agnostic Defense ™ - You Manage, Nyotron Managed or Partner Managed
PARANOID PRODUCTS
• PARANOID AGENT
• PARANOID SERVER: Appliance / Virtual / Cloud
MANAGED DEFENSE SERVICES
• NYOTRON VISIBILITY: Alert, Monitor, Report, & Activity Management
• NYOTRON INTELLIGENCE: Above Plus Intelligence
• NYOTRON IR: Above Plus Incident Response
PARANOID WAR ROOM
Thank you for your attention!