Cyberattacks on a marine context (NATO Congress 2011)

•

0 gefällt mir•607 views

flagsolutions

Technologie Business

A.P.T.
Cyberattacks
on a marine context

Gutiérrez A.
Corredera L.E.

Goal of the talk

Identiﬁcation of potential security ﬂaws on a
marine context using the most recent asset-
oriented hacking techniques.

Potential scenarios pirates could pursue targeting a vessel:

1- Compromised communications.
2- Malfunctioning/Sabotage of PLC systems
3- GPS precise ﬂeet position discovering

Key concept

A.P.T. (Advanced Persistant Threat): Refers to a group with
both the capability and the intent to persistently and effectively target a
speciﬁc entity.

Advanced: Intelligence-gathering techniques

Persistent: Not opportunistic

Threat: Capability and Intent

Are sea pirates an A.P.T.?

Persistent: Hijacking from early 90s.
Threat: 53 ships on 2010

But...could they become
Advanced?

Cyberattacks makes them Advanced

Intelligence-gathering: Information Systems Intrusion

Communications interception: Fake base station techniques

Satellite Imaging: Google Maps, Bing...

Classic Cyberattacks: IP oriented

Every device connected to the Internet has an IP address

Basic steps of a “classical” Hacker (Not Persistent)

IP ranges scan for listening services

Target Characterization

Investigate vulnerabilities and exploits

New Cyberattacks: Asset oriented

Asset oriented search engine.

Basic steps of a “Persistent” Hacker (Addressed to a certain target)

Search for a concrete target in Shodan: e.g. Router Model

Find exploit in Shodan

So much faster and straightforward technique!

DEMO: Quick hacking session

Search for USAL assets: hostname:usal.es

Find vulnerable ones. (But be nice to them :)

http://www.shodanhq.com

How all this apply to a marine context?

http://www.zynetix.com/index.php?/solutions/maritime-gsm/

Potential security flaws

Communications Intelligence
Sabotage
Interception gathering

Communications interception

By Tsaitgaist [see http://commons.wikimedia.org/wiki/File
%3AGsm_structures.svg for license], via Wikimedia Commons

Communications interception

A5/x No real time. Look up tables
Needs saved CUDA/GPUs Very costly
Cryptoanalysis transmission.
Fake base Micro BTS
Close to the target Freq.inhibitor for 3G Less than 10k€
station openBSC, openBTS
Cellphone Close to the target Motorola C123,155
baseband No GPRS by now
OsMoComBB Less than 13$!!!
modification Experimental

Sabotage

Stuxnet Very sophisticated. 4 Zero-days
Deeply targeted at vulnerabilities. Extremely
(Infects PLCs PLCs. 2 stolen digital expensive
from FieldPGs) Spionage certificates.
Needs a infection
ScadaTrojans pathway to install a
Inspired by Stuxnet
(Infects PLCs but “Low cost”
client side modified Cheaper
from SCADAs) file.
3 Zero-days.

Intelligence gathering

http://newdata.es/sistemas-de-navegacion-maritima/

Intelligence gathering

Electronic
Chart
Display and
Information
System

http://newdata.es/sistemas-de-navegacion-maritima/

Intelligence gathering

A Vessel is usually part of the Internet..

Intelligence gathering

A Vessel is usually part of the Internet..

And can be hacked as regular servers!

Intelligence gathering

Internet connection.
Depends on
Asset oriented Computer.
manufacturer’s
Classic hacking Extremely cheap
hacking security
tools.

DEMO: Quick assets oriented search session

Membrane Biological Reactor, Merchant Vessels, Worldwide
Control system solution comprises: Siemens S7-300 PLC with MP
HMI and S7-200 PLC based control systems and networking for the
water treatment systems.

Search for Maritime related assets:

Zynetix MaritimeGSM, S7-300, advantech

http://www.shodanhq.com

Conclusions

Pirates should be considered an APT.
They could virtually use Cyberattacks to hijack vessels
more easily.
Complex Cyberattacks are more and more affordable.
A ship may become practically speaking an Internet
node with all its risks (should be managed).
Let’s be in the look out!

THANK YOU!

{alberto,luisenrique}@flagsolutions.net
Twitter: @albertoflag , @lencorredera

Weitere ähnliche Inhalte

Andere mochten auch

Infant and toddler year part onekajani1991

Madd 2007kajani1991

Presentazione Laura Pausinimarty92

Politieraad 25 maart 2013 zvr iv nipCarl Vyncke

Individual gckajani1991

Jessie's powerpointkajani1991

Assiment moral 2014Sulocana Sheila

Engagements cepcharlottebd

The reflection paperkajani1991

Windows Phone ASO - App Store OptimizationMika Levo

Pluralism powerponitJanet Villaroya

MusicaDiianiithaa Diiazz

Andere mochten auch (12)

Infant and toddler year part one

Madd 2007

Presentazione Laura Pausini

Politieraad 25 maart 2013 zvr iv nip

Individual gc

Jessie's powerpoint

Assiment moral 2014

Engagements cep

The reflection paper

Windows Phone ASO - App Store Optimization

Pluralism powerponit

Musica

Ähnlich wie Cyberattacks on a marine context (NATO Congress 2011)

Future-proofing maritime ports against emerging cyber-physical threatsSteven SIM Kok Leong

Csi Netsec 2006 Poor Mans Guide Merdingershawn_merdinger

Hardware Trojans By - Anupam TiwariOWASP Delhi

CSI - Poor Mans Guide To Espionage Gearshawn_merdinger

Cyber-Attack.pptxKaisSuhiemat

Rootkit&honeypot aalonso-dcu-dec09Angelill0

IoT exploitation: from memory corruption to code execution by Marco RomanoCodemotion

IoT exploitation: from memory corruption to code execution - Marco Romano - C...Codemotion

Greater China Cyber Threat Landscape - ISC 2016Sergey Gordeychik

Day4Jai4uk

Skyjacking A Cisco Wlan Attack Analysis And CountermeasuresAirTight Networks

15mohankumar1515

HackingSUNY Oneonta

Risk Factory: Let's Get PhysicalRisk Crew

Honeypot ProjectManikyala Rao

Anton Chuvakin on HoneypotsAnton Chuvakin

A Stuxnet for MainframesCheryl Biswas

DIY Internet: Snappy, Secure Networking with MinimaLT (JSConf EU 2013)Igalia

Order vs. Mad Science: Analyzing Black Hat Swarm IntelligencePriyanka Aash

The next generation ethernet gangster (part 2)Jeff Green

Ähnlich wie Cyberattacks on a marine context (NATO Congress 2011) (20)

Future-proofing maritime ports against emerging cyber-physical threats

Csi Netsec 2006 Poor Mans Guide Merdinger

Hardware Trojans By - Anupam Tiwari

CSI - Poor Mans Guide To Espionage Gear

Cyber-Attack.pptx

Rootkit&honeypot aalonso-dcu-dec09

IoT exploitation: from memory corruption to code execution by Marco Romano

IoT exploitation: from memory corruption to code execution - Marco Romano - C...

Greater China Cyber Threat Landscape - ISC 2016

Day4

Skyjacking A Cisco Wlan Attack Analysis And Countermeasures

Hacking

Risk Factory: Let's Get Physical

Honeypot Project

Anton Chuvakin on Honeypots

A Stuxnet for Mainframes

DIY Internet: Snappy, Secure Networking with MinimaLT (JSConf EU 2013)

Order vs. Mad Science: Analyzing Black Hat Swarm Intelligence

The next generation ethernet gangster (part 2)

Kürzlich hochgeladen

Histor y of HAM Radio presentation slidevu2urc

08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls

CNv6 Instructor Chapter 6 Quality of Servicegiselly40

Finology Group – Insurtech Innovation Award 2024The Digital Insurer

Developing An App To Navigate The Roads of BrazilV3cube

08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls

Slack Application Development 101 Slidespraypatel2

TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc

2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge

A Call to Action for Generative AI in 2024Results

🐬 The future of MySQL is Postgres 🐘RTylerCroy

Salesforce Community Group Quito, Salesforce 101Paola De la Torre

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays

Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2

Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi

Boost PC performance: How more available memory can improve productivityPrincipled Technologies

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung

Kürzlich hochgeladen (20)

Histor y of HAM Radio presentation slide

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

CNv6 Instructor Chapter 6 Quality of Service

Finology Group – Insurtech Innovation Award 2024

Developing An App To Navigate The Roads of Brazil

08448380779 Call Girls In Friends Colony Women Seeking Men

Slack Application Development 101 Slides

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

2024: Domino Containers - The Next Step. News from the Domino Container commu...

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf

A Call to Action for Generative AI in 2024

🐬 The future of MySQL is Postgres 🐘

Salesforce Community Group Quito, Salesforce 101

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Exploring the Future Potential of AI-Enabled Smartphone Processors

Top 5 Benefits OF Using Muvi Live Paywall For Live Streams

Boost PC performance: How more available memory can improve productivity

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Cyberattacks on a marine context (NATO Congress 2011)

1. A.P.T. Cyberattacks on a marine context Gutiérrez A. Corredera L.E.

2. Goal of the talk Identification of potential security flaws on a marine context using the most recent asset- oriented hacking techniques. Potential scenarios pirates could pursue targeting a vessel: 1- Compromised communications. 2- Malfunctioning/Sabotage of PLC systems 3- GPS precise fleet position discovering

3. Key concept A.P.T. (Advanced Persistant Threat): Refers to a group with both the capability and the intent to persistently and effectively target a speciﬁc entity. Advanced: Intelligence-gathering techniques Persistent: Not opportunistic Threat: Capability and Intent

4. Are sea pirates an A.P.T.? Persistent: Hijacking from early 90s. Threat: 53 ships on 2010 But...could they become Advanced?

5. Are sea pirates an A.P.T.? Persistent: Hijacking from early 90s. Threat: 53 ships on 2010 But...could they become Advanced?

6. Are sea pirates an A.P.T.? Persistent: Hijacking from early 90s. Threat: 53 ships on 2010 But...could they become Advanced?

7. Cyberattacks makes them Advanced Intelligence-gathering: Information Systems Intrusion Communications interception: Fake base station techniques Satellite Imaging: Google Maps, Bing...

8. Classic Cyberattacks: IP oriented Every device connected to the Internet has an IP address Basic steps of a “classical” Hacker (Not Persistent) IP ranges scan for listening services Target Characterization Investigate vulnerabilities and exploits

9. New Cyberattacks: Asset oriented Asset oriented search engine. Basic steps of a “Persistent” Hacker (Addressed to a certain target) Search for a concrete target in Shodan: e.g. Router Model Find exploit in Shodan So much faster and straightforward technique!

10. DEMO: Quick hacking session Search for USAL assets: hostname:usal.es Find vulnerable ones. (But be nice to them :) http://www.shodanhq.com

11. How all this apply to a marine context?

12. How all this apply to a marine context?

13. How all this apply to a marine context? http://www.zynetix.com/index.php?/solutions/maritime-gsm/

14. How all this apply to a marine context? http://www.zynetix.com/index.php?/solutions/maritime-gsm/

15. How all this apply to a marine context? http://www.zynetix.com/index.php?/solutions/maritime-gsm/

16. How all this apply to a marine context? http://www.zynetix.com/index.php?/solutions/maritime-gsm/

17. Potential security flaws

18. Potential security flaws Communications Intelligence Sabotage Interception gathering

19. Communications interception By Tsaitgaist [see http://commons.wikimedia.org/wiki/File %3AGsm_structures.svg for license], via Wikimedia Commons

20. Communications interception By Tsaitgaist [see http://commons.wikimedia.org/wiki/File %3AGsm_structures.svg for license], via Wikimedia Commons

21. Communications interception By Tsaitgaist [see http://commons.wikimedia.org/wiki/File %3AGsm_structures.svg for license], via Wikimedia Commons

22. Communications interception A5/x No real time. Look up tables Needs saved CUDA/GPUs Very costly Cryptoanalysis transmission. Fake base Micro BTS Close to the target Freq.inhibitor for 3G Less than 10k€ station openBSC, openBTS Cellphone Close to the target Motorola C123,155 baseband No GPRS by now OsMoComBB Less than 13$!!! modification Experimental

23. Potential security flaws

24. Potential security flaws Communications Intelligence Sabotage Interception gathering

25. Sabotage

26. Sabotage

27. Sabotage SCADA

28. Sabotage PLCs SCADA

29. Sabotage PLCs SCADA Water Treatment

30. Sabotage Stuxnet Very sophisticated. 4 Zero-days Deeply targeted at vulnerabilities. Extremely (Infects PLCs PLCs. 2 stolen digital expensive from FieldPGs) Spionage certificates. Needs a infection ScadaTrojans pathway to install a Inspired by Stuxnet (Infects PLCs but “Low cost” client side modified Cheaper from SCADAs) file. 3 Zero-days.

31. Potential security flaws

32. Potential security flaws Communications Intelligence Sabotage Interception gathering

33. Intelligence gathering http://newdata.es/sistemas-de-navegacion-maritima/

34. Intelligence gathering Electronic Chart Display and Information System http://newdata.es/sistemas-de-navegacion-maritima/

35. Intelligence gathering

36. Intelligence gathering A Vessel is usually part of the Internet..

37. Intelligence gathering A Vessel is usually part of the Internet.. And can be hacked as regular servers!

38. Intelligence gathering A Vessel is usually part of the Internet.. And can be hacked as regular servers!

39. Intelligence gathering A Vessel is usually part of the Internet.. And can be hacked as regular servers!

40. Intelligence gathering Internet connection. Depends on Asset oriented Computer. manufacturer’s Classic hacking Extremely cheap hacking security tools.

41. DEMO: Quick assets oriented search session Membrane Biological Reactor, Merchant Vessels, Worldwide Control system solution comprises: Siemens S7-300 PLC with MP HMI and S7-200 PLC based control systems and networking for the water treatment systems. Search for Maritime related assets: Zynetix MaritimeGSM, S7-300, advantech http://www.shodanhq.com

42. Conclusions Pirates should be considered an APT. They could virtually use Cyberattacks to hijack vessels more easily. Complex Cyberattacks are more and more affordable. A ship may become practically speaking an Internet node with all its risks (should be managed). Let’s be in the look out!

43. THANK YOU! {alberto,luisenrique}@flagsolutions.net Twitter: @albertoflag , @lencorredera

44. THANK YOU! {alberto,luisenrique}@flagsolutions.net Twitter: @albertoflag , @lencorredera

Cyberattacks on a marine context (NATO Congress 2011)

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Andere mochten auch

Andere mochten auch (12)

Ähnlich wie Cyberattacks on a marine context (NATO Congress 2011)

Ähnlich wie Cyberattacks on a marine context (NATO Congress 2011) (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

Cyberattacks on a marine context (NATO Congress 2011)

Hinweis der Redaktion