Eric Byres leads cyber security webinar
Image: iStockphotoIn an OE exclusive webinar, readers were able to ask questions and listen to a live presentation with security expert Eric Byres, a SCADA specialist at Tofino Security.
The forum, moderated by Industrial Safety and Security Source editor and founder Greg Hale, delved into the intricacies of the Stuxnet worm and its descendants Night Dragon and Shamoon, as well as reader suggested topics regarding internet availability on offshore facilities and the helpfulness of anti-virus programs.
In his presentation, Byres said that he found the Stuxnet worm particularly fascinating, calling it the worm of the future. Stuxnet infected approximately 100,000 computers and crippled the nuclear centrifuges at Iran’s Natanz facility.
“Stuxnet was successful because it had so many ways to get in,” Byres said. “Complex systems gave the bad guys multiple entry ways.”
Despite being one of the most secure control system networks, the Siemens PCS7 was infiltrated via multiple points of access including removable drives such as USB ports and portable hard drives, and even the print server.
“The scary part is we can’t just plug one hole, we have to do a lot more,” Byres said. “Stuxnet is not the thing that I feared; it’s the training ground that we’re dealing with today.”
Byres discussed the Advanced Persistent Threats spawned by Stuxnet that are designed to lay low and steal information from critical systems. Byres and Hale referred to the damage Stuxnet’s descendants Night Dragon and Shamoon caused (OE January). In particular, Shamoon, which was launched last August, took down over 30,000 computers at Saudi Aramco.
A reader inquired further about network segregation, which keeps regular email and web surfing networks separate from secured data and production processes networks. Byres said that while defining zones is the right direction, the problem is detecting and managing information flows from network to network. Using removable drives such as USBs, laptops, and CDs across the secured zones generally opens the door to attack if not properly monitored.
“Thinking we’re going to isolate ourselves from all malware and viruses, is like thinking I’m going to be isolated from the common cold for the rest of my life,” Byres said. “We need to look at that biological model and how we deal with the bad stuff when it gets in.
“If we don’t get security nailed down within the next 5-10 years, we won’t have the safety or the reliability we’ve become used to.”
The complete OE Exclusive webinar, featuring Eric Byres and Greg Hale, can be viewed here:
http://www.mediasolvewebcast.com/mediasolvegroup/EA52D685804A
Subscribe
