Minimizing Cyber Security Threats to the Simulator
17 January 2017
Bernard Gagnon, Sales Manager
2017 Power Plant Simulation Conference (PowerPlantSim’17)
© 2017 L3 MAPPS. All rights reserved.
Topics
• Introduction
• Simulator Architecture and Technologies
• Simulator Network Security
• Conclusions
This presentation is not meant to be all-inclusive on cyber security. L3 MAPPS is sharing some of its thoughts and approaches for your consideration.
Introduction
• Follow up on the PowerPlantSim 2016 presentation
– Protecting IT Assets: Simulator Security in a Changing World
▪Focused on L3 MAPPS’
–Mechanisms for customer data protection
–Network security
–Internal processes
• This presentation focuses specifically on simulator security
• Goal is to share some thoughts and provide you with something to think about…
• Data breaches occur frequently across all industries
• Small and large companies are at risk
• Personally identifiable information as well as company proprietary data is being targeted
• Power plant sites are not immune to these attacks
• Nuclear industry is mandating stricter, more comprehensive cybersecurity controls on plant systems
• Cybersecurity protection enhancements should also be considered for training simulator systems
• With global workforces and remote collaboration, remotely accessible simulator development systems and documentation, Internet access is inevitable
• Information security and information sharing are opposing forces
– The goal is for cyber defenses to allow secure sharing
Cyber Attacks (Examples)
• Natanz Nuclear Facility Stuxnet Attack
– Customized malware for control systems
– Infected USB flash drives used to perform updates on control systems
– Took one year to discover the malware
• KHNP Cyber Attack
– Details of the security breach not public
– Hackers publishing blueprints on nuclear reactors on the Internet
– Leak did not impact the reactors
• Ukraine Power Grid Attack
– Destructive “BlackEnergy” malware
– Shut down power grid for 6 hours, 80K customers affected
– Spear phishing via corrupted Word document
• Yahoo! Emails Data Breach
– 500M accounts compromised
– Yahoo! has not yet identified the intrusion associated with the theft
• JPMorgan Chase Co. – Stock Trading Service
– Hackers entry through a “neglected” server (not updated with latest IT security updates)
– Hackers stole the login credentials of an employee to gain access
– Personally identifiable information of more than 83M customers accessed
• US Office of Personnel Management Hack
– OPM announces data breach in June 2015
– Personally identifiable information of 18M breached
– One of the largest breaches of government data in US history
Information on this slide is simplified and is for illustrative purposes only.
Quick Facts
• Tripwire survey (November 2015) of 150 information technology workers
– More than 75% reported that their companies in the oil, natural gas and electricity sectors had experienced at least one "successful" cyberattack in the past 12 months
▪Meaning intruders were able to breach one or more firewalls, antivirus programs or other protections
– More than 80% believe a cyber attack will cause physical damage to critical infrastructure
– 50% said the number of attacks has increased in the past year
Quick Facts
• Source: www.hackmageddon.com
Simulator Architecture and Technologies
Example Simulator Network
Typical Simulator Hardware
• Simulation servers
• Computers
– Engineering workstations, instructor stations, HMIs
– Classroom simulators
• Main (and auxiliary) control room hardware panels
– I/O system with Programmable Logic Controllers (PLC) and/or controller boards
– Smart devices with embedded logic, including firmware
• Peripherals
– Printers, projectors, smart TVs, etc.
• DCS / PPC / HMI
– Stimulated or simulated
– Using commercial-off-the-shelf computers or OEM vendor specific hardware
• Audiovisual system equipment
– Cameras (Analog and/or IP)
– Microphones (ceiling, lapel, etc.)
• Wireless Access Point(s) (WAP)
Simulator Technologies
• Simulators are composed of various hardware components and technologies
– Commercial-off-the-shelf
– Custom and proprietary hardware components
• Technologies from different generations
– Communication and interfaces
▪Ethernet, Wi-Fi, etc.
▪Bluetooth, USB, etc.
▪Serial (RS-232, RS-485, etc.)
▪etc.
– Operating systems types and versions
▪Windows (Windows XP, Windows CE, Windows Server 2012, Windows Server 2016, etc.), UNIX, Linux, etc.
▪Other operating systems for DCS computers, I/O system, etc.
Simulator Data and Software
• Plant Data
– Piping & Instrumentation Diagrams
– Electrical Diagrams
– Operating Procedures
– Safety Analysis Reports
– etc.
• Training Data
– Lesson Plans
– Test results
– Exams
• Software
– Simulator configuration (models, databases, source code, tools, etc.)
– DCS, PPC and HMI
– PLC logic
– Third-party software (including freeware)
Simulator Network Security
Simulator Network Security Objectives
• Ensure training continuity
– Simulator needs to be available for training with all components running as needed
▪Hardware and Software
• Prompt recovery from various undesired events (avoid or reduce simulator downtime)
– Hardware
▪Examples: computer/server disk failure, power supply failure, bad network connection, etc.
– Software
▪Examples: simulator crash, configuration management issues, etc.
• Intellectual Property (IP) protection
– Owner/operator information, OEM data, simulator vendor proprietary software and other third-party software and sensitive information
Previous Way of Protecting the Simulator Network
• Standalone or islanded system (considered safer)
• Static installation (inefficient patching and antivirus updates)
• Single administrator account with weak password
• Open SQL database
• No simulator network monitoring
• Poor IT system management/maintenance
• Basic recovery mechanisms
– Assuming that restoring a backup image of the infected computer solves the situation
– Does not consider IP protection
– Does not consider exam security protection
New Reality: Internet Of Things
• What is it?
– Internet of Things is the network of physical objects or "things" embedded with electronics, software, sensors, and network connectivity, which enables these objects to collect and exchange data
• Examples
– Smart phone watches, wireless key locators, speakers, conference room automation systems, Smart TVs
• What are the concerns?
– Lack of wireless connectivity security standards
▪Vector for hackers to infiltrate networks and personal information
– In the business world
▪Without proper controls, unsecured devices could be connected to business networks by employees without realizing it (e.g. USB power charging)
Simulator is at Risk
• Potential entry points
– Smart devices
– USB ports and devices (mass storage, peripherals, etc.)
– Bluetooth devices
– Wireless network
– Audiovisual equipment
▪IP Cameras
▪Smart TVs
– etc.
Other Simulator Risks
• Old operating systems
– No up-to-date security fixes
• Use of unapproved freeware
– Examples: Screen capturing, editing utilities, steam tables, etc.
• Software and/or hardware components supplied by entities that are not well known
– Firmware, embedded software
– Unknown software/version
Most Common Cyber Attacks
• Socially engineered Trojans
– Downloading fake software that appears legitimate, such as antivirus or other freeware
• Unpatched software
– Old versions of software without the latest security patches
– Examples: Old versions of Adobe Reader, Java, etc.
• Phishing attacks
– Through spam emails or websites
• Network-travelling worms
– Programs moving through the network by exploiting shared network resources
• Advanced Persistent Threats (APT)
– Stealing of Intellectual Property using Trojan files
Consequences of Cyber Attacks on the Simulator
• Simulator software not functioning as needed
– Simulator down
– Some software components not loading or not functioning correctly
– Communications problems between computers and/or servers
– Random simulator behavior
– Simulator hardware could be damaged if infected software communicates with hardware
• Loss of valuable IP
– Owner/operator information
– Third-party IP
• What about exam security if a port of entry is opened?
Suggested Network Security Strategy
• Deployment of firewall to control inbound/outbound communications between simulator network, corporate network and others (if any)
– Remote access to the simulator requires two-factor authentication, SSL connection
• Integration with corporate IT
– Centralized, managed antivirus system with real-time alerting to corporate IT
– IT process to test and deploy critical security patches to simulator network
– System monitoring tools
– System hardening procedures
• Controlled Internet access/USB mass storage device blocking
• Individual user accounts with different access privileges for simulator activities
• Wireless devices and other smart devices
– Change all default usernames/passwords on OEM components
• Formal procedures to roll out system updates
• Mandatory reporting of cybersecurity incidents
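An added example, not part of the L3 MAPPS presentation: a small Python audit that checks a simulator asset inventory against the controls listed in the strategy above, treating any missing field as a failure. The field names, the unsupported-OS and approved-software lists and the sample inventory are assumptions constructed for illustration.

```python
# Site policy (assumptions for this example; adjust to the local standard).
UNSUPPORTED_OS = {"Windows XP"}
APPROVED_SOFTWARE = {"simulator-runtime", "corporate-antivirus"}

def audit_asset(asset):
    """Return findings for one inventory record; a missing field counts as a failure."""
    findings = []
    os_name = asset.get("os")
    if os_name is None or os_name in UNSUPPORTED_OS:
        findings.append(f"OS unknown or unsupported: {os_name}")
    if asset.get("default_credentials", True):
        findings.append("default OEM credentials not changed")
    if asset.get("usb_mass_storage", True):
        findings.append("USB mass storage not blocked")
    if not asset.get("managed_antivirus", False):
        findings.append("no centrally managed antivirus")
    accounts = asset.get("accounts", [])
    if not accounts or any(a.get("shared", True) for a in accounts):
        findings.append("shared or undocumented accounts")
    unapproved = sorted(set(asset.get("software", [])) - APPROVED_SOFTWARE)
    if unapproved:
        findings.append("unapproved software: " + ", ".join(unapproved))
    return findings

def audit_inventory(inventory):
    """Map asset name -> findings, keeping only assets that have findings."""
    report = {}
    for asset in inventory:
        findings = audit_asset(asset)
        if findings:
            report[asset["name"]] = findings
    return report

# Constructed sample inventory (hypothetical hosts, not real data).
SAMPLE_INVENTORY = [
    {"name": "instructor-station-1", "os": "Windows Server 2016",
     "default_credentials": False, "usb_mass_storage": False,
     "managed_antivirus": True,
     "accounts": [{"name": "instructor1", "shared": False}],
     "software": ["simulator-runtime", "corporate-antivirus"]},
    {"name": "panel-io-hmi", "os": "Windows XP",
     "default_credentials": True, "usb_mass_storage": True,
     "managed_antivirus": False,
     "accounts": [{"name": "Administrator", "shared": True}],
     "software": ["simulator-runtime", "screen-capture-freeware"]},
    {"name": "classroom-sim-3"},  # record with no details: everything is unknown
]

if __name__ == "__main__":
    for name, findings in audit_inventory(SAMPLE_INVENTORY).items():
        print(name, *findings, sep="\n  - ")
```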
Conclusions
• Cybersecurity threats are real and constantly evolving
• All industries, including nuclear, are being targeted
• Training simulators hold sensitive information that needs to be protected
• Simulator systems need to be managed with the same care as other IT systems
• Need to leverage corporate IT security expertise and infrastructure
• Employees need to understand the need for enhanced IT security
Thank you
L3 MAPPS 8565 Côte-de-Liesse
Montréal, Québec, Canada H4T 1G5
Tel: +1 (514) 787-4999 Fax: +1 (514) 788-1442
Web: www.L3T.com/MAPPS LinkedIn: L3 MAPPS