Stuxnet:
It goan oan
Ir.drs. J. (Jurgen) van der Vlugt RE CISA
Noordbeek B.V.
Jurgen@Noordbeek.com
6 October 2010, Enschedé
Lecture Stuxnet: It goan oan / Process IT 2010 10 06 2
Intro; me =
• Business economics (Rotterdam, finbel)
• Technical informatics (Delft; AI)
• KPMG EDP Auditors / IRM (WinNT, Y2K)
• Postgraduate IT auditing (VU)
• Sogeti
• ABN AMRO (Group Audit, Group Security; projects++, outsourcing, security integration)
• Noordbeek
• VU, NOREA (VC, CHBr), ISACA, ISSA (NL, Int’l), PvIB
Agenda
• Maeslant and ‫ڈژک‬
• Process IT
• Administrative systems and the like
• Ubiquitous information
Pride of the Netherlands
Stuxnet
• In circulation / in view since June (?)
• A great deal of knowledge built into it
• Team effort
• Not after credit card info. Huh?
• Via USB port
• Siemens WinCC/PCS7, specific functions
• September:
  • Mainly anti-Iran
  • ‘Start-up of nuclear power plant postponed’
  • Round up the usual suspects
  • Traces of political messages
  • Israel ..? India? USoA? Who?
It goat oan
• Problem: poor control of process IT
• Known for a long time
• After bragging rights through defacing
• And after financial gain via banking trojans
• Now the third wave
• “Cyberwarfare”?
(Financial gain)
• No lone wolves
• An industry:
  • Vuln searchers
  • Exploit developers
  • CC harvesters
  • CC brokers
  • CC smurfers / mules
  • Collectors
  • Hosting / defense
• Botnets: same
• Software is copyable…
Agenda
• Maeslant and ‫ڈژک‬
• Process IT
• Administrative systems and the like
• Ubiquitous information
Process IT
• Rooted in electrical engineering
• A specialist field
• Critical systems!
More
Control
Also known as: SCADA
SCADA = supervisory control and data acquisition.
• Industrial control systems: computer systems that monitor and control industrial, infrastructure, or facility-based processes, as described below:
  • Industrial processes: manufacturing, production, power generation, fabrication, refining; in continuous, batch, repetitive, or discrete modes.
  • Infrastructure, public or private, including water treatment and distribution, wastewater collection and treatment, oil and gas pipelines, electrical power transmission and distribution, wind farms, civil defense sirens, and large communication systems.
  • Facilities, public or private, including buildings, airports, ships, and space stations. They monitor and control HVAC, access, and energy consumption.
Elements
• HMI: Human-Machine Interface
  • Monitoring
  • Control
• Supervisory (computer) system
  • Data acquisition
  • Sending control commands
• RTUs: Remote Terminal Units
  • Connect sensors in the process
  • Convert sensor signals to digital
  • Send digital signals to the supervisory system
• PLCs: Programmable Logic Controllers
  • ‘Field devices’: cheaper and more flexible than special-purpose RTUs
• Communication devices/cables
SCADA
Nota bene:
• PLCs control the standard process
• RTUs pick up deviations
• People pick up deviations at a higher level (iff)
• Tag db:
  • Tags/points = monitored I/O value
  • Hard (1) / soft (combination)
  • + Timestamp, + Metadata
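The tag database and the layered deviation handling of the two SCADA slides above, as an added example that is not part of the original lecture. It models hard tags (written from sensors via an RTU) and soft tags (computed combinations), each with a timestamp and metadata, and a deviation check with two levels: range violations stay at the local RTU/PLC level, while a hard tag that has not been refreshed within a maximum age is escalated to the operator, because a value that never changes can look perfectly healthy to a plain limit check. The pump tags, limits and readings are constructed for the demo.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Callable, Dict, List, Optional


@dataclass
class Tag:
    """One monitored I/O point with its metadata. source is None for a hard tag
    (written from a sensor via an RTU) and a function of the other tag values
    for a soft tag (a computed combination)."""
    name: str
    unit: str
    low: float
    high: float
    value: float = 0.0
    timestamp: Optional[datetime] = None
    source: Optional[Callable[[Dict[str, float]], float]] = None


@dataclass
class Deviation:
    tag: str
    reason: str  # "out_of_range" or "stale"
    level: int   # 1 = local alarm (RTU/PLC level), 2 = supervisory (operator) level


class TagDB:
    def __init__(self) -> None:
        self.tags: Dict[str, Tag] = {}

    def add_hard(self, name: str, unit: str, low: float, high: float) -> None:
        self.tags[name] = Tag(name, unit, low, high)

    def add_soft(self, name: str, unit: str, low: float, high: float,
                 fn: Callable[[Dict[str, float]], float]) -> None:
        self.tags[name] = Tag(name, unit, low, high, source=fn)

    def values(self) -> Dict[str, float]:
        return {n: t.value for n, t in self.tags.items()}

    def update(self, name: str, value: float, ts: datetime) -> None:
        """Write a hard tag, then recompute every soft tag from the new values."""
        tag = self.tags[name]
        if tag.source is not None:
            raise ValueError(f"{name} is a soft tag; it is computed, not written")
        tag.value, tag.timestamp = float(value), ts
        for t in self.tags.values():
            if t.source is not None:
                t.value, t.timestamp = float(t.source(self.values())), ts

    def deviations(self, now: datetime, max_age: timedelta) -> List[Deviation]:
        """Range violations go to the local level; a hard tag that has not been
        refreshed within max_age goes up to the operator."""
        found: List[Deviation] = []
        for t in self.tags.values():
            if t.source is None and (t.timestamp is None or now - t.timestamp > max_age):
                found.append(Deviation(t.name, "stale", 2))
            if not (t.low <= t.value <= t.high):
                found.append(Deviation(t.name, "out_of_range", 1))
        return found


def run_demo():
    """Constructed readings for one pump: speed and flow are hard tags,
    flow per 1000 rpm is a soft tag combining the two."""
    db = TagDB()
    db.add_hard("P1.SPEED", "rpm", 800, 1200)
    db.add_hard("P1.FLOW", "m3/h", 40, 60)
    db.add_soft("P1.FLOW_PER_KRPM", "m3/h per krpm", 40, 55,
                lambda v: v["P1.FLOW"] * 1000 / v["P1.SPEED"] if v["P1.SPEED"] else 0.0)
    t0 = datetime(2010, 10, 6, 12, 0, tzinfo=timezone.utc)
    max_age = timedelta(seconds=30)

    db.update("P1.SPEED", 1000, t0)
    db.update("P1.FLOW", 50, t0)
    healthy = db.deviations(now=t0 + timedelta(seconds=5), max_age=max_age)

    # Speed runs away while the flow sensor stops reporting; its last value stays "in range".
    db.update("P1.SPEED", 1400, t0 + timedelta(seconds=10))
    flagged = db.deviations(now=t0 + timedelta(seconds=35), max_age=max_age)
    return healthy, flagged


if __name__ == "__main__":
    healthy, flagged = run_demo()
    print("healthy:", healthy)
    for d in flagged:
        print(f"level {d.level}: {d.tag} {d.reason}")
```

In the second check the speed tag trips a local range alarm, the derived flow-per-krpm tag trips as well, and the flow tag is escalated to level 2 purely because it went silent; its stored value of 50 m3/h would pass any limit check on its own.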
Diagram
(Historian)
P-roblems
• No attention to security and authentication in the design, rollout and operation of current generations of SCADA networks
• (No) security through obscurity (any more)
• Reliance on special protocols, proprietary interfaces (still!)
• ‘Physical security is sufficient’
• ‘Not connected to the Internet’
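What the first bullet above costs in practice, as an added example that is not part of the original lecture and does not reproduce any real SCADA protocol: a legacy controller that executes whatever command arrives, next to a hardened receiver that verifies an HMAC over the command, rejects commands outside a clock-skew window and refuses re-sent sequence numbers. The message format, the device key and the clock value are constructed for the demo; real deployments provision per-device keys out of band.

```python
import hashlib
import hmac
import json
from typing import Any, Dict

# Constructed demo key; a real deployment would provision a per-device key out of band.
DEVICE_KEY = b"constructed-demo-key-for-plc-01"
MAX_CLOCK_SKEW = 30  # seconds a command may be old before it is refused


def canonical(body: Dict[str, Any]) -> bytes:
    """Deterministic encoding so sender and receiver compute the MAC over the same bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def legacy_handle(cmd: Dict[str, Any]) -> str:
    """The weak setting from the slide: no authentication, no freshness check.
    Anything that reaches the controller is executed as-is."""
    return f"executed {cmd['op']} {cmd['tag']}={cmd['value']}"


def sign_command(cmd: Dict[str, Any], key: bytes, seq: int, ts: int) -> Dict[str, Any]:
    """Wrap a command with a sequence number, a timestamp and an HMAC over all three."""
    body = {"cmd": cmd, "seq": seq, "ts": ts}
    mac = hmac.new(key, canonical(body), hashlib.sha256).hexdigest()
    return {**body, "mac": mac}


class AuthenticatedReceiver:
    """Controller-side check: verify the MAC, then freshness, then replay."""

    def __init__(self, key: bytes, max_skew: int = MAX_CLOCK_SKEW) -> None:
        self.key = key
        self.max_skew = max_skew
        self.last_seq = 0  # highest sequence number already executed

    def handle(self, msg: Dict[str, Any], now: int) -> str:
        body = {k: v for k, v in msg.items() if k != "mac"}
        expected = hmac.new(self.key, canonical(body), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(str(msg.get("mac", "")), expected):
            return "rejected: bad mac"      # tampered or forged
        if abs(now - int(body["ts"])) > self.max_skew:
            return "rejected: stale"        # delayed or recorded long ago
        if int(body["seq"]) <= self.last_seq:
            return "rejected: replay"       # already executed once
        self.last_seq = int(body["seq"])
        return legacy_handle(body["cmd"])   # only now hand it to the process logic


def run_demo() -> Dict[str, str]:
    """Constructed exchange: one valid setpoint change, then three misuse cases."""
    now = 1_286_366_400  # constructed clock value (epoch seconds)
    rx = AuthenticatedReceiver(DEVICE_KEY)
    cmd = {"op": "set", "tag": "V1.SETPOINT", "value": 50}
    valid = sign_command(cmd, DEVICE_KEY, seq=1, ts=now)

    tampered = dict(valid)
    tampered["cmd"] = {**cmd, "value": 500}  # value changed in transit, MAC not

    old = sign_command(cmd, DEVICE_KEY, seq=2, ts=now - 600)  # signed long ago

    return {
        "legacy_tampered": legacy_handle(tampered["cmd"]),  # no check at all
        "valid": rx.handle(valid, now),
        "tampered": rx.handle(tampered, now),
        "replay": rx.handle(valid, now + 5),
        "stale": rx.handle(old, now),
    }


if __name__ == "__main__":
    for case, outcome in run_demo().items():
        print(f"{case:16} {outcome}")
```

The order of the checks matters: the MAC is verified before any field is trusted, so a forged timestamp or sequence number cannot steer the later checks. The legacy path shows the contrast the slide makes: the altered setpoint of 500 is simply executed.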
What if it goes wrong
• Visible?
• Positive feedforward?
• Too late?
• Intervention possible?
Also
Shattered Shield
'I Had A Funny Feeling in My Gut' By David Hoffman
Washington Post Foreign Service
Wednesday, February 10, 1999; Page A19
• It was just past midnight as Stanislav Petrov settled into the commander's chair inside the secret bunker at Serpukhov-15, the installation where the Soviet Union monitored its early-warning satellites over the United States.
• Then the alarms went off. On the panel in front of him was a red pulsating button. One word flashed: "Start."
• It was Sept. 26, 1983, and Petrov was playing a principal role in one of the most harrowing incidents of the nuclear age, a false alarm signaling a U.S. missile attack. Although virtually unknown to the West at the time, the false alarm at the closed military facility south of Moscow came during one of the most tense periods of the Cold War. And the episode resonates today because Russia's early-warning system has fewer than half the satellites it did back then, raising the specter of more such dangerous incidents.
• As Petrov described it in an interview, one of the Soviet satellites sent a signal to the bunker that a nuclear missile attack was underway. The warning system's computer, weighing the signal against static, concluded that a missile had been launched from a base in the United States.
• The responsibility fell to Petrov, then a 44-year-old lieutenant colonel, to make a decision: Was it for real? Petrov was situated at a critical point in the chain of command, overseeing a staff that monitored incoming signals from the satellites. He reported to superiors at warning-system headquarters; they, in turn, reported to the general staff, which would consult with Soviet leader Yuri Andropov on the possibility of launching a retaliatory attack.
• Petrov's role was to evaluate the incoming data. At first, the satellite reported that one missile had been launched – then another, and another. Soon, the system was "roaring," he recalled – five Minuteman intercontinental ballistic missiles had been launched, it reported.
• Despite the electronic evidence, Petrov decided – and advised the others – that the satellite alert was a false alarm, a call that may have averted a nuclear holocaust. But he was relentlessly interrogated afterward, was never rewarded for his decision and today is a long-forgotten pensioner
Agenda
• Maeslant and ‫ڈژک‬
• Process IT
• Administrative systems and the like
• Ubiquitous information
Traditional
(Diagram: a grid with columns ‘Business’, Information Mgt, IT and rows Strat(egic), Tact(ical), Oper(ational))
Information security
(Diagram: the same ‘Business’ / Information Mgt / IT grid with Strat / Tact / Oper rows, with a separate ‘IT security’ box marked within it)
Threats
… Sorry!
(Diagram, reconstructed as a list)
• Acts of nature (‘Acts of God’): flooding, tornado, earthquake, flu pandemic
• Acts of Man, without intent: reluctance / no time
• Acts of Man, with intent (?): crackers, fraudsters, action groups
Threats
• Acts of Man
• Active / Passive (remaining so)
• I’m-sorry attacks
• Stupidity
• ‘Operational risks’..!
And then: Controls
= Measures, means of steering
• Organisational (segregation of duties)
• Procedural (ticking off reports)
• Physical (access)
• IT (…)
• Money (insurance)
• In combination (There is no silver bullet!)
Controls (protection?)
• Deterrent
• Preventive,
• Detective,
• Repressive,
• Limiting and containing,
• Corrective and recovering
• The earlier the better
• Just better than the neighbours
Controls (continued)
• Traditionally: an accountants’ hobby, but no longer only for the audit of the financial statements
• Language problem: doing it at the operational level ↔ explaining it at management level
• Modes
• RBAC
• Classification
• Architecture
Controls: costs, benefits
• Damage ↔ cost of controls (direct, indirect, reputation?)
• Numbers needed in advance!
  • Frequency / probability
  • Impact, damage (2x)
  • Costs → continuous → reporting (nothing noticeable?)
  • Effectiveness
• FUD may work better after all
Where is the control-loop idea?
• Nowhere. Administrative people don’t know it
• Well, not entirely nowhere…
(Diagram: Operational Risk Management cycle. Columns: Evaluate design & set-up | Analysis | Monitor & react. Functions: Incident Mgt, Problem Mgt, Insurance Mgt, KRI (Mgt), (K)ORC (Mgt), R(S)A (+Audit), ORAP, CLD. Flows between them: inherent risks, process, controls (designed, selected for efficiency), risk indicators, KRI values, tuning (mandatory), near misses, incidents, incidents for analysis (problems), breach, corrective actions, indemnities.)
Designing controls
Agenda
• Maeslant and ‫ڈژک‬
• Process IT
• Administrative systems and the like
• Ubiquitous information
Ubicomp / Ubi Info
Ubi problems
• Who is handling the data, who is in control?
• Privacy
• Trawling for patterns (total surveillance)
• Where’s your data …? (Cloud2), who takes care of it?
Ubi problems (II)
• Recoverability of errors
• Where do you have to turn? (Liability for damage?)
• Whose word counts?
• Location-based voting by default?
How to secure all this now?
• Admin systems: easy in theory. But: theory vs. people?
• Process IT: Dunno. But: …? Action needed!
• Ubi Info: It goat oan
A slightly wider view
(Diagram: ‘Business’ / Information Mgt / IT, extended with ‘Government’? and Citizen)
Agenda
• Maeslant and ‫ڈژک‬
• Process IT
• Administrative systems and the like
• Ubiquitous information
• The End
Questions …?
We’re moving forward!
The End

More Related Content

Similar to Saxion Enschedé College Security 2010

Factors Influencing Quality of Experience of Commonly-Used Mobile Applications
Factors Influencing Quality of Experience of Commonly-Used Mobile ApplicationsFactors Influencing Quality of Experience of Commonly-Used Mobile Applications
Factors Influencing Quality of Experience of Commonly-Used Mobile ApplicationsKatarzyna Wac & The QoL Lab
 
Virtual Twins: Modeling Trends and Challenges Ahead
Virtual Twins: Modeling Trends and Challenges AheadVirtual Twins: Modeling Trends and Challenges Ahead
Virtual Twins: Modeling Trends and Challenges AheadBrain IoT Project
 
ML13198A409.pdf
ML13198A409.pdfML13198A409.pdf
ML13198A409.pdfpoolpandyM
 
Testing Challenges and Approaches in Edge Computing
Testing Challenges and Approaches in Edge ComputingTesting Challenges and Approaches in Edge Computing
Testing Challenges and Approaches in Edge ComputingAxel Rennoch
 
CS5032 Lecture 20: Dependable infrastructure 2
CS5032 Lecture 20: Dependable infrastructure 2CS5032 Lecture 20: Dependable infrastructure 2
CS5032 Lecture 20: Dependable infrastructure 2John Rooksby
 
A Cloud-Based Lab Management and Analytics Software for Triangulated Human-Ce...
A Cloud-Based Lab Management and Analytics Software for Triangulated Human-Ce...A Cloud-Based Lab Management and Analytics Software for Triangulated Human-Ce...
A Cloud-Based Lab Management and Analytics Software for Triangulated Human-Ce...Pierre-Majorique Léger
 
Mike Bartley - Innovations for Testing Parallel Software - EuroSTAR 2012
Mike Bartley - Innovations for Testing Parallel Software - EuroSTAR 2012Mike Bartley - Innovations for Testing Parallel Software - EuroSTAR 2012
Mike Bartley - Innovations for Testing Parallel Software - EuroSTAR 2012TEST Huddle
 
HEUGCloud services the democratization of it (heug)
HEUGCloud services the democratization of it (heug)HEUGCloud services the democratization of it (heug)
HEUGCloud services the democratization of it (heug)Leo Plugge
 
2015/12/16 Participatory Urban Sensing
2015/12/16 Participatory Urban Sensing2015/12/16 Participatory Urban Sensing
2015/12/16 Participatory Urban SensingLing-Jyh Chen
 
WATOUTI MOHAMED CV (anglais)
WATOUTI MOHAMED CV (anglais)WATOUTI MOHAMED CV (anglais)
WATOUTI MOHAMED CV (anglais)Mohamed Watouti
 
Luan Nguyen_Resume
Luan Nguyen_ResumeLuan Nguyen_Resume
Luan Nguyen_ResumeLuan Nguyen
 
Introduction to ICT lab 01.pptx
Introduction to ICT lab 01.pptxIntroduction to ICT lab 01.pptx
Introduction to ICT lab 01.pptxZameerBhurgri
 
Three Laws of Trusted Data Sharing: (Building a Better Business Case for Dat...
Three Laws of Trusted Data Sharing:(Building a Better Business Case for Dat...Three Laws of Trusted Data Sharing:(Building a Better Business Case for Dat...
Three Laws of Trusted Data Sharing: (Building a Better Business Case for Dat...CS, NcState
 
Real-time, Sensor-based Monitoring of Shipping Containers
Real-time, Sensor-based Monitoring of Shipping ContainersReal-time, Sensor-based Monitoring of Shipping Containers
Real-time, Sensor-based Monitoring of Shipping Containersbenaam
 

Similar to Saxion Enschedé College Security 2010 (20)

Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016
 
Factors Influencing Quality of Experience of Commonly-Used Mobile Applications
Factors Influencing Quality of Experience of Commonly-Used Mobile ApplicationsFactors Influencing Quality of Experience of Commonly-Used Mobile Applications
Factors Influencing Quality of Experience of Commonly-Used Mobile Applications
 
Session 61 Kkatja Kircher
Session 61 Kkatja KircherSession 61 Kkatja Kircher
Session 61 Kkatja Kircher
 
Virtual Twins: Modeling Trends and Challenges Ahead
Virtual Twins: Modeling Trends and Challenges AheadVirtual Twins: Modeling Trends and Challenges Ahead
Virtual Twins: Modeling Trends and Challenges Ahead
 
ML13198A409.pdf
ML13198A409.pdfML13198A409.pdf
ML13198A409.pdf
 
Testing Challenges and Approaches in Edge Computing
Testing Challenges and Approaches in Edge ComputingTesting Challenges and Approaches in Edge Computing
Testing Challenges and Approaches in Edge Computing
 
CV-TrinhDinhVu
CV-TrinhDinhVuCV-TrinhDinhVu
CV-TrinhDinhVu
 
CS5032 Lecture 20: Dependable infrastructure 2
CS5032 Lecture 20: Dependable infrastructure 2CS5032 Lecture 20: Dependable infrastructure 2
CS5032 Lecture 20: Dependable infrastructure 2
 
mduduzi'cv
mduduzi'cvmduduzi'cv
mduduzi'cv
 
A Cloud-Based Lab Management and Analytics Software for Triangulated Human-Ce...
A Cloud-Based Lab Management and Analytics Software for Triangulated Human-Ce...A Cloud-Based Lab Management and Analytics Software for Triangulated Human-Ce...
A Cloud-Based Lab Management and Analytics Software for Triangulated Human-Ce...
 
Mike Bartley - Innovations for Testing Parallel Software - EuroSTAR 2012
Mike Bartley - Innovations for Testing Parallel Software - EuroSTAR 2012Mike Bartley - Innovations for Testing Parallel Software - EuroSTAR 2012
Mike Bartley - Innovations for Testing Parallel Software - EuroSTAR 2012
 
HEUGCloud services the democratization of it (heug)
HEUGCloud services the democratization of it (heug)HEUGCloud services the democratization of it (heug)
HEUGCloud services the democratization of it (heug)
 
Cern Security UAB-2009
Cern Security  UAB-2009Cern Security  UAB-2009
Cern Security UAB-2009
 
2015/12/16 Participatory Urban Sensing
2015/12/16 Participatory Urban Sensing2015/12/16 Participatory Urban Sensing
2015/12/16 Participatory Urban Sensing
 
WATOUTI MOHAMED CV (anglais)
WATOUTI MOHAMED CV (anglais)WATOUTI MOHAMED CV (anglais)
WATOUTI MOHAMED CV (anglais)
 
Luan Nguyen_Resume
Luan Nguyen_ResumeLuan Nguyen_Resume
Luan Nguyen_Resume
 
Introduction to ICT lab 01.pptx
Introduction to ICT lab 01.pptxIntroduction to ICT lab 01.pptx
Introduction to ICT lab 01.pptx
 
Three Laws of Trusted Data Sharing: (Building a Better Business Case for Dat...
Three Laws of Trusted Data Sharing:(Building a Better Business Case for Dat...Three Laws of Trusted Data Sharing:(Building a Better Business Case for Dat...
Three Laws of Trusted Data Sharing: (Building a Better Business Case for Dat...
 
Real-time, Sensor-based Monitoring of Shipping Containers
Real-time, Sensor-based Monitoring of Shipping ContainersReal-time, Sensor-based Monitoring of Shipping Containers
Real-time, Sensor-based Monitoring of Shipping Containers
 
Network Security Lecture
Network Security LectureNetwork Security Lecture
Network Security Lecture
 

More from Jurgen van der Vlugt

Permanent open depot rijks in kpmg gebouw v0.3
Permanent open depot rijks in kpmg gebouw v0.3Permanent open depot rijks in kpmg gebouw v0.3
Permanent open depot rijks in kpmg gebouw v0.3Jurgen van der Vlugt
 
IDC Amsterdam 2013 09 12 Smart Security Solutions require Ditto Designs
IDC Amsterdam 2013 09 12 Smart Security Solutions require Ditto DesignsIDC Amsterdam 2013 09 12 Smart Security Solutions require Ditto Designs
IDC Amsterdam 2013 09 12 Smart Security Solutions require Ditto DesignsJurgen van der Vlugt
 
ISSA NL event 2013 06 06 Limits, Not Rails
ISSA NL event 2013 06 06 Limits, Not RailsISSA NL event 2013 06 06 Limits, Not Rails
ISSA NL event 2013 06 06 Limits, Not RailsJurgen van der Vlugt
 
Wat ruist er door uw data-zee ISACA NL roundtable 2013 06 03
Wat ruist er door uw data-zee ISACA NL roundtable 2013 06 03Wat ruist er door uw data-zee ISACA NL roundtable 2013 06 03
Wat ruist er door uw data-zee ISACA NL roundtable 2013 06 03Jurgen van der Vlugt
 
ACAM-VDA NOREA Adviesdiensten 21 juni 2012
ACAM-VDA NOREA Adviesdiensten 21 juni 2012ACAM-VDA NOREA Adviesdiensten 21 juni 2012
ACAM-VDA NOREA Adviesdiensten 21 juni 2012Jurgen van der Vlugt
 
Van Plank Misslaan Naar Spijker Op De Kop V0.3
Van Plank Misslaan Naar Spijker Op De Kop V0.3Van Plank Misslaan Naar Spijker Op De Kop V0.3
Van Plank Misslaan Naar Spijker Op De Kop V0.3Jurgen van der Vlugt
 
Advies Assurance September 2011 V0.97
Advies Assurance September 2011 V0.97Advies Assurance September 2011 V0.97
Advies Assurance September 2011 V0.97Jurgen van der Vlugt
 
NGI Regio Rdam / Afd IT-A: Stuxnet - Beveiliging en Audit van Proces IT
NGI Regio Rdam / Afd IT-A: Stuxnet - Beveiliging en Audit van Proces ITNGI Regio Rdam / Afd IT-A: Stuxnet - Beveiliging en Audit van Proces IT
NGI Regio Rdam / Afd IT-A: Stuxnet - Beveiliging en Audit van Proces ITJurgen van der Vlugt
 
NOREA Update congres 2007 incl notes
NOREA Update congres 2007 incl notesNOREA Update congres 2007 incl notes
NOREA Update congres 2007 incl notesJurgen van der Vlugt
 
NOREA Regiosessie Reglementen 2010
NOREA Regiosessie Reglementen 2010NOREA Regiosessie Reglementen 2010
NOREA Regiosessie Reglementen 2010Jurgen van der Vlugt
 

More from Jurgen van der Vlugt (15)

Permanent open depot rijks in kpmg gebouw v0.3
Permanent open depot rijks in kpmg gebouw v0.3Permanent open depot rijks in kpmg gebouw v0.3
Permanent open depot rijks in kpmg gebouw v0.3
 
IDC Amsterdam 2013 09 12 Smart Security Solutions require Ditto Designs
IDC Amsterdam 2013 09 12 Smart Security Solutions require Ditto DesignsIDC Amsterdam 2013 09 12 Smart Security Solutions require Ditto Designs
IDC Amsterdam 2013 09 12 Smart Security Solutions require Ditto Designs
 
ISSA NL event 2013 06 06 Limits, Not Rails
ISSA NL event 2013 06 06 Limits, Not RailsISSA NL event 2013 06 06 Limits, Not Rails
ISSA NL event 2013 06 06 Limits, Not Rails
 
Wat ruist er door uw data-zee ISACA NL roundtable 2013 06 03
Wat ruist er door uw data-zee ISACA NL roundtable 2013 06 03Wat ruist er door uw data-zee ISACA NL roundtable 2013 06 03
Wat ruist er door uw data-zee ISACA NL roundtable 2013 06 03
 
Much Data 0.95
Much Data 0.95Much Data 0.95
Much Data 0.95
 
Risk Managers Of The Universe
Risk Managers Of The UniverseRisk Managers Of The Universe
Risk Managers Of The Universe
 
ACAM-VDA NOREA Adviesdiensten 21 juni 2012
ACAM-VDA NOREA Adviesdiensten 21 juni 2012ACAM-VDA NOREA Adviesdiensten 21 juni 2012
ACAM-VDA NOREA Adviesdiensten 21 juni 2012
 
ISSA ORM 2012 June 20 v0.3
ISSA ORM 2012 June 20 v0.3ISSA ORM 2012 June 20 v0.3
ISSA ORM 2012 June 20 v0.3
 
Van Plank Misslaan Naar Spijker Op De Kop V0.3
Van Plank Misslaan Naar Spijker Op De Kop V0.3Van Plank Misslaan Naar Spijker Op De Kop V0.3
Van Plank Misslaan Naar Spijker Op De Kop V0.3
 
Down the Blind Alley (PDF)
Down the Blind Alley (PDF)Down the Blind Alley (PDF)
Down the Blind Alley (PDF)
 
Advies Assurance September 2011 V0.97
Advies Assurance September 2011 V0.97Advies Assurance September 2011 V0.97
Advies Assurance September 2011 V0.97
 
NGI Regio Rdam / Afd IT-A: Stuxnet - Beveiliging en Audit van Proces IT
NGI Regio Rdam / Afd IT-A: Stuxnet - Beveiliging en Audit van Proces ITNGI Regio Rdam / Afd IT-A: Stuxnet - Beveiliging en Audit van Proces IT
NGI Regio Rdam / Afd IT-A: Stuxnet - Beveiliging en Audit van Proces IT
 
NOREA Update congres 2007 incl notes
NOREA Update congres 2007 incl notesNOREA Update congres 2007 incl notes
NOREA Update congres 2007 incl notes
 
NOREA ALV Symposium Advies 2010
NOREA ALV Symposium Advies 2010NOREA ALV Symposium Advies 2010
NOREA ALV Symposium Advies 2010
 
NOREA Regiosessie Reglementen 2010
NOREA Regiosessie Reglementen 2010NOREA Regiosessie Reglementen 2010
NOREA Regiosessie Reglementen 2010
 

Recently uploaded

NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase  19 April  2024  Energy News issue - 1717 by Khaled Al Awadi.pdfNewBase  19 April  2024  Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfKhaled Al Awadi
 
Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Anamaria Contreras
 
Buy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail AccountsBuy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail AccountsBuy Verified Accounts
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03DallasHaselhorst
 
Call Girls Contact Number Andheri 9920874524
Call Girls Contact Number Andheri 9920874524Call Girls Contact Number Andheri 9920874524
Call Girls Contact Number Andheri 9920874524najka9823
 
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCRashishs7044
 
Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Kirill Klimov
 
Investment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy CheruiyotInvestment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy Cheruiyotictsugar
 
Organizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessOrganizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessSeta Wicaksana
 
Darshan Hiranandani [News About Next CEO].pdf
Darshan Hiranandani [News About Next CEO].pdfDarshan Hiranandani [News About Next CEO].pdf
Darshan Hiranandani [News About Next CEO].pdfShashank Mehta
 
Innovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfInnovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfrichard876048
 
TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024Adnet Communications
 
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607dollysharma2066
 
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCRashishs7044
 
Appkodes Tinder Clone Script with Customisable Solutions.pptx
Appkodes Tinder Clone Script with Customisable Solutions.pptxAppkodes Tinder Clone Script with Customisable Solutions.pptx
Appkodes Tinder Clone Script with Customisable Solutions.pptxappkodes
 
PSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationPSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationAnamaria Contreras
 
8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCRashishs7044
 

Recently uploaded (20)

NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase  19 April  2024  Energy News issue - 1717 by Khaled Al Awadi.pdfNewBase  19 April  2024  Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
 
Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.
 
Buy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail AccountsBuy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail Accounts
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03
 
Call Girls Contact Number Andheri 9920874524
Call Girls Contact Number Andheri 9920874524Call Girls Contact Number Andheri 9920874524
Call Girls Contact Number Andheri 9920874524
 
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
 
Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024
 
Corporate Profile 47Billion Information Technology
Corporate Profile 47Billion Information TechnologyCorporate Profile 47Billion Information Technology
Corporate Profile 47Billion Information Technology
 
Investment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy CheruiyotInvestment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy Cheruiyot
 
Organizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessOrganizational Structure Running A Successful Business
Organizational Structure Running A Successful Business
 
Darshan Hiranandani [News About Next CEO].pdf
Darshan Hiranandani [News About Next CEO].pdfDarshan Hiranandani [News About Next CEO].pdf
Darshan Hiranandani [News About Next CEO].pdf
 
Innovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfInnovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdf
 
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCREnjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
 
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
 
TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024
 
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
 
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
 
Appkodes Tinder Clone Script with Customisable Solutions.pptx
Appkodes Tinder Clone Script with Customisable Solutions.pptxAppkodes Tinder Clone Script with Customisable Solutions.pptx
Appkodes Tinder Clone Script with Customisable Solutions.pptx
 
PSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationPSCC - Capability Statement Presentation
PSCC - Capability Statement Presentation
 
8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR
 

Saxion Enschedé College Security 2010

  • 1. Stuxnet: It goan oan Ir.drs. J. (Jurgen) van der Vlugt RE CISA Noordbeek B.V. Jurgen@Noordbeek.com 6 oktober 2010, Enschedé
  • 2. College Stuxnet: It goan oan / Proces-IT 2010 10 06 2 Intro; ik = • Bedrijfseconomie (Rotterdam, finbel) • Technische Informatica (Delft; KI) • KPMG EDP Auditors / IRM (WinNT, Y2K) • Post-grad IT-auditing (VU) • Sogeti • ABN AMRO (Group Audit, Group Security; projects++, outsourcing, security integration) • Noordbeek • VU, NOREA (VC, CHBr), ISACA, ISSA (NL, Int’l), PvIB
  • 3. College Stuxnet: It goan oan / Proces-IT 2010 10 06 3 Agenda • Maeslant en ‫ڈژک‬ • Proces-IT • Administratieve systemen en zo • Ubiquitous information
  • 4. College Stuxnet: It goan oan / Proces-IT 2010 10 06 4 Neerlands Trots
  • 5. College Stuxnet: It goan oan / Proces-IT 2010 10 06 5
  • 6. College Stuxnet: It goan oan / Proces-IT 2010 10 06 6 Stuxnet • Sinds juni (?) in omloop / in beeld • Zeer veel kennis erin • Team effort • Niet uit op creditcard-info. Huh? • Via USB-poort • Siemens WinCC/PCS7, specifieke functies • September: • Vooral anti-Iran • ‘Opstart kerncentrale uitgesteld’ • Round up the usual suspects • Sporen van politieke boodschappen • Israël ..? India? USoA? Wie?
  • 7. College Stuxnet: It goan oan / Proces-IT 2010 10 06 7 It goat oan • Probleem: Slechte beheersing proces-IT • Al lang bekend • Na bragging rights door defacing • En na financieel gewin via banking trojans • Nu third wave • “Cyberwarfare”?
  • 8. College Stuxnet: It goan oan / Proces-IT 2010 10 06 8 (Financieel gewin) • Geen lonely wolves • Industrie: • Vuln-searchers • Exploit developers • CC harvesters • CC brokers • CC smurfers / mules • Collectors • Hosting / defense • Botnets: same • Sw is copyable…
  • 9. Agenda
    • Maeslant and ‫ڈژک‬
    • Process IT
    • Administrative systems and such
    • Ubiquitous information
  • 10. Process IT
    • Originates in electrical engineering
    • Specialist
    • Critical systems!
  • 11. More
  • 12. Control
  • 13. Also known as: SCADA. SCADA = supervisory control and data acquisition.
    • Industrial control systems: computer systems that monitor and control industrial, infrastructure, or facility-based processes, as described below:
    • Industrial processes: manufacturing, production, power generation, fabrication, refining; in continuous, batch, repetitive, or discrete modes.
    • Infrastructure processes, public or private, including water treatment and distribution, wastewater collection and treatment, oil and gas pipelines, electrical power transmission and distribution, wind farms, civil defense sirens, and large communication systems.
    • Facility processes, public or private, including buildings, airports, ships, and space stations. They monitor and control HVAC, access, and energy consumption.
  • 14. Elements
    • HMI: Human-Machine Interface
      • Monitoring
      • Control
    • Supervisory (computer) system
      • Data acquisition
      • Sending control commands
    • RTUs: Remote Terminal Units
      • Connect sensors in the process
      • Convert sensor signals to digital
      • Send digital signals to the supervisory system
    • PLCs: Programmable Logic Controllers
      • ‘Field devices’: cheaper and more flexible than special-purpose RTUs
    • Communication devices / cables
  • 15. SCADA. Nota bene:
    • PLCs control the standard process
    • RTUs pick up deviations
    • Humans pick up deviations at a higher level (iff)
    • Tag database:
      • Tags / points = a monitored I/O value
      • Hard (a single input) / soft (a combination)
      • + Timestamp, + Metadata
  • 16. Picture (Historian)
  • 17.
  • 18.
  • 19.
  • 20.
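As an added example, not part of the lecture, a small Python model of the tag database and the layered handling of deviations described on slides 14 and 15: hard tags, a soft tag that combines two hard tags, timestamps and metadata, and a classification of every reading to the layer that handles it (the PLC regulating the standard process, the RTU reporting a deviation upward, or the operator at the HMI). The tag names, set-points, bands and readings are constructed, and the classes are hypothetical, not any vendor's historian or SCADA API.

```python
"""Toy tag database with PLC / RTU / human deviation layers.

Added example, not from the original lecture. All tag names, set-points,
bands and sample readings are constructed for illustration.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Callable, Dict, Sequence


@dataclass(frozen=True)
class Tag:
    """One tag/point: a monitored I/O value plus timestamp and metadata."""
    name: str
    value: float
    timestamp: datetime
    unit: str
    source: str          # metadata: reporting RTU/PLC, or "calc" for soft tags
    hard: bool = True    # hard = one physical input; soft = combination of tags


@dataclass(frozen=True)
class Limits:
    """Deviation bands around a set-point for one tag (constructed values)."""
    setpoint: float
    plc_band: float      # inside this band the PLC regulates on its own
    rtu_band: float      # beyond the PLC band, up to here, the RTU reports it
    max_age: timedelta   # a reading older than this is escalated regardless


class TagDB:
    """Minimal in-memory tag database (hypothetical, not a real historian)."""

    def __init__(self) -> None:
        self._tags: Dict[str, Tag] = {}

    def write(self, tag: Tag) -> None:
        self._tags[tag.name] = tag

    def read(self, name: str) -> Tag:
        return self._tags[name]

    def derive(self, name: str, inputs: Sequence[str],
               fn: Callable[..., float], unit: str) -> Tag:
        """Build a soft tag from hard tags; it inherits the oldest input
        timestamp so that staleness of any input propagates."""
        parts = [self._tags[n] for n in inputs]
        tag = Tag(name, fn(*(p.value for p in parts)),
                  min(p.timestamp for p in parts), unit, "calc", hard=False)
        self.write(tag)
        return tag


def classify(tag: Tag, lim: Limits, now: datetime) -> str:
    """Which layer of the loop handles this reading:
    'PLC'   inside the regulation band, the field controller handles it;
    'RTU'   a deviation, reported to the supervisory system;
    'HUMAN' a large deviation or stale data, escalated to the operator."""
    if now - tag.timestamp > lim.max_age:
        return "HUMAN"
    dev = abs(tag.value - lim.setpoint)
    if dev <= lim.plc_band:
        return "PLC"
    if dev <= lim.rtu_band:
        return "RTU"
    return "HUMAN"


def evaluate(db: TagDB, limits: Dict[str, Limits],
             now: datetime) -> Dict[str, str]:
    """Classify every tag that has limits configured."""
    return {name: classify(db.read(name), lim, now)
            for name, lim in limits.items()}


def demo() -> Dict[str, str]:
    """Constructed scenario: inlet flow, outlet flow, a stale pressure tag
    and a soft 'LEAK' tag computed as inlet minus outlet."""
    now = datetime(2010, 10, 6, 12, 0, tzinfo=timezone.utc)
    db = TagDB()
    db.write(Tag("FT101", 50.0, now, "m3/h", "RTU-1"))                  # inlet
    db.write(Tag("FT102", 46.0, now, "m3/h", "RTU-1"))                  # outlet
    db.write(Tag("PT201", 4.9, now - timedelta(minutes=30), "bar", "RTU-2"))
    db.derive("LEAK", ["FT101", "FT102"], lambda a, b: a - b, "m3/h")   # soft tag
    limits = {
        "FT101": Limits(50.0, 2.0, 5.0, timedelta(minutes=5)),
        "FT102": Limits(50.0, 2.0, 5.0, timedelta(minutes=5)),
        "PT201": Limits(5.0, 0.2, 0.5, timedelta(minutes=5)),
        "LEAK":  Limits(0.0, 1.0, 3.0, timedelta(minutes=5)),
    }
    return evaluate(db, limits, now)


if __name__ == "__main__":
    for name, layer in demo().items():
        print(f"{name}: {layer}")
```

The constructed scenario shows two things the slide states only in bullets: each hard flow tag on its own is at most an RTU-level deviation, but the soft tag combining them crosses its band and escalates to the operator; and the pressure tag escalates not because of its value but because the reading is stale, which is the "too late?" question of slide 22 made concrete.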
  • 21. P-roblems
    • No attention to security and authentication in the design, roll-out and operations of current generations of SCADA networks
    • (No) security through obscurity (any more)
    • Reliance on special protocols and proprietary interfaces (still!)
    • ‘Physical security is sufficient’
    • ‘They are not connected to the Internet’
  • 22. What if it goes wrong
    • Visible?
    • Positive feedforward?
    • Too late?
    • Intervention possible?
  • 23. Also: Shattered Shield. 'I Had A Funny Feeling in My Gut', by David Hoffman, Washington Post Foreign Service, Wednesday, February 10, 1999; Page A19
    • It was just past midnight as Stanislav Petrov settled into the commander's chair inside the secret bunker at Serpukhov-15, the installation where the Soviet Union monitored its early-warning satellites over the United States.
    • Then the alarms went off. On the panel in front of him was a red pulsating button. One word flashed: "Start."
    • It was Sept. 26, 1983, and Petrov was playing a principal role in one of the most harrowing incidents of the nuclear age, a false alarm signaling a U.S. missile attack. Although virtually unknown to the West at the time, the false alarm at the closed military facility south of Moscow came during one of the most tense periods of the Cold War. And the episode resonates today because Russia's early-warning system has fewer than half the satellites it did back then, raising the specter of more such dangerous incidents.
    • As Petrov described it in an interview, one of the Soviet satellites sent a signal to the bunker that a nuclear missile attack was underway. The warning system's computer, weighing the signal against static, concluded that a missile had been launched from a base in the United States.
    • The responsibility fell to Petrov, then a 44-year-old lieutenant colonel, to make a decision: Was it for real? Petrov was situated at a critical point in the chain of command, overseeing a staff that monitored incoming signals from the satellites. He reported to superiors at warning-system headquarters; they, in turn, reported to the general staff, which would consult with Soviet leader Yuri Andropov on the possibility of launching a retaliatory attack.
    • Petrov's role was to evaluate the incoming data. At first, the satellite reported that one missile had been launched – then another, and another. Soon, the system was "roaring," he recalled – five Minuteman intercontinental ballistic missiles had been launched, it reported.
    • Despite the electronic evidence, Petrov decided – and advised the others – that the satellite alert was a false alarm, a call that may have averted a nuclear holocaust. But he was relentlessly interrogated afterward, was never rewarded for his decision and today is a long-forgotten pensioner
  • 24. Agenda
    • Maeslant and ‫ڈژک‬
    • Process IT
    • Administrative systems and such
    • Ubiquitous information
  • 25. Traditional (diagram: ‘Business’ / Information Mgt / IT against Strategic / Tactical / Operational)
  • 26. Information security (diagram: ‘Business’ / Information Mgt / IT against Strategic / Tactical / Operational, with IT security)
  • 27. Threats (diagram)
    • Acts of nature (‘Acts of God’): Flood, Whirlwind, Earthquake, Flu pandemic
    • Acts of Man, without intent: … Sorry!, Reluctance / No time?
    • Acts of Man, with intent: Crackers, Fraudsters, Action groups
  • 28. Threats
    • Acts of Man
    • Active / Passive (remaining so)
    • I’m-sorry attacks
    • Stupidity
    • ‘Operational risks’..!
  • 29. And then: Controls = measures, means of adjustment
    • Organisational (segregation of duties)
    • Procedural (ticking off reports)
    • Physical (access)
    • IT (…)
    • Money (insurance)
    • In combination (there is no silver bullet!)
  • 30. Controls (protection?)
    • Deterrent,
    • Preventive,
    • Detective,
    • Repressive,
    • Limiting and absorbing,
    • Corrective and recovering
    • The earlier the better
    • Just better than the neighbours
  • 31. Controls (continued)
    • Traditionally: an accountants’ hobby, but no longer solely for the audit of the annual accounts
    • Language problem: doing it operationally ↔ explaining it at management level
    • Modes
    • RBAC
    • Classification
    • Architecture
  • 32. Controls: costs, benefits
    • Damage ↔ cost of controls (direct, indirect, reputation?)
    • Figures are needed in advance!
    • Frequency / probability
    • Impact, damage (2x)
    • Costs → continuous → reporting (nothing noticeable?)
    • Effectiveness
    • FUD may work better after all
  • 33. Where is the control-loop idea?
    • Nowhere. Administrative people don’t know it
    • Well, not entirely nowhere…
  • 34. Operational Risk Management (diagram)
    • Boxes: Evaluate design & set-up; Analysis; Monitor & react; Incident Mgt; CLD; Insurance Mgt; KRI (Mgt); (K)ORC (Mgt); R(S)A (+Audit); ORAP; Process; Problem Mgt; Breach
    • Flows: Designed, Selected for efficiency; Tuning, Mandatory; Near misses; KRI values; Corrective actions; Incidents; Indemnities; Controls; Risk indicators; Incidents for analysis (Problems); Inherent risks
  • 35. Designing controls
  • 36. Agenda
    • Maeslant and ‫ڈژک‬
    • Process IT
    • Administrative systems and such
    • Ubiquitous information
  • 37. Ubicomp / Ubi Info
  • 38. Ubi problems
    • Who has access to the data, who is in control?
    • Privacy
    • Trawling for patterns (total surveillance)
    • Where’s your data …? (Cloud2), who takes care of it?
  • 39. Ubi problems (II)
    • Recoverability of errors
    • Where do you turn? (Liability for damage?)
    • Whose word counts?
    • Location-based-by-default voting?
  • 40. How to secure now?
    • Admin systems: easy in theory. But: theory vs people?
    • Process IT: dunno. But: …? Action needed!
    • Ubi Info: It goat oan
  • 41. A bit more in the picture (diagram: ‘Business’ / Information Mgt / IT / ‘Government’? / Citizen)
  • 42. Agenda
    • Maeslant and ‫ڈژک‬
    • Process IT
    • Administrative systems and such
    • Ubiquitous information
    • The End
  • 43. Questions …? We are moving forward!
  • 44. The End