industrial cybersecurity & scada hacks presentation
TRANSCRIPT
SCADA Cyber Security Attacks & & Mitigation
Presentation Friday 8th 2016
Gavin Davey B.S.c (Hons 1st),
CRISC, CEH, CISA, ISO RM, CLSSP, CCNP
What is different?
• SbD
• Air gaps
• Network segmentation
• Security Programme and policies
• Risk Management
• Regular audits
• On-going pen testing & gap analysis
Real world examples • 2000 – Gazprom, Russia
– Gas control lost for 1 week
• 2001 – Australian treatment plant – 246, 000 gallons sewerage released
• 2003 – US Power – 50 million people affected
• 2003 – Ohio Nuclear Plant – Slammer worm
• 2008 – Lodz city – 4 trams derailed
• 2012 – Aramco – 10% of worlds oil
• 2013 – Dragonfly with malware – Havex/Energetic bear
• 2 weeks ago -Ukrainian power grid – 70, 000 homes affected