national framework for protecting critical infrastructure

profilesravz
Cyber_Attacks_Chapter01_PowerPoint_Lecture_Slides.pdf

1 1 Copyright © 2012, Elsevier Inc.

All Rights Reserved

Chapter 1

Introduction

Cyber Attacks Protecting National Infrastructure, 1st ed.

2

•  Na#onal  infrastructure   –  Refers  to  the  complex,  underlying  delivery  and  support   systems  for  all  large-­‐scale  services  considered  absolutely   essen#al  to  a  na#on  

•  Conven#onal  approach  to  cyber  security  not  enough   •  New  approach  needed  

–  Combining  best  elements  of  exis#ng  security  techniques   with  challenges  that  face  complex,  large-­‐scale  na#onal   services  

Copyright © 2012, Elsevier Inc. All rights Reserved

C hapter 1 – Introduction

Introduc#on  

3 Copyright © 2012, Elsevier Inc.

All rights Reserved

C hapter 1 – Introduction

Fig.  1.1  –  Na#onal  infrastructure   cyber  and  physical  aDacks  

4 Copyright © 2012, Elsevier Inc.

All rights Reserved

C hapter 1 – Introduction

Fig.  1.2  –  Differences  between   small-­‐  and  large-­‐scale  cyber  security  

5 Copyright © 2012, Elsevier Inc.

All rights Reserved

C hapter 1 – Introduction •  Three  types  of  malicious  adversaries  

–  External  adversary   –  Internal  adversary   –  Supplier  adversary  

Na#onal  Cyber  Threats,     Vulnerabili#es,  and  ADacks  

6 Copyright © 2012, Elsevier Inc.

All rights Reserved

C hapter 1 – Introduction

Fig.  1.3  –  Adversaries  and   exploita#on  points  in  na#onal  

infrastructure  

7 Copyright © 2012, Elsevier Inc.

All rights Reserved

C hapter 1 – Introduction •  Three  exploita#on  points  

–  Remote  access     –  System  administra#on  and  normal  usage     –  Supply  chain  

Na#onal  Cyber  Threats,     Vulnerabili#es,  and  ADacks  

8 Copyright © 2012, Elsevier Inc.

All rights Reserved

C hapter 1 – Introduction •  Infrastructure  threatened  by  most  common  security  

concerns:     –  Confiden#ality   –  Integrity   –  Availability   –  TheQ  

Na#onal  Cyber  Threats,     Vulnerabili#es,  and  ADacks  

9 Copyright © 2012, Elsevier Inc.

All rights Reserved

C hapter 1 – Introduction

Botnet  Threat  

•  What  is  a  botnet  a(ack?   –  The  remote  collec#on  of  compromised  end-­‐user  machines   (usually  broadband-­‐connected  PCs)  is  used  to  aDack  a   target.  

–  Sources  of  aDack  are  scaDered  and  difficult  to  iden#fy   –  Five  en##es  that  comprise  botnet  aDack:  botnet  operator,   botnet  controller,  collec0on  of  bots,  botnot  so3ware  drop,   botnet  target  

10 Copyright © 2012, Elsevier Inc.

All rights Reserved

C hapter 1 – Introduction

•  Five  en##es  that  comprise  botnet  aDack:     –  Botnet  operator   –  Botnet  controller   –  Collec#on  of  bots   –  Botnot  soQware  drop   –  Botnet  target  

•  Distributed  denial  of  service  (DDOS)  aDack:  bots   create  “cyber  traffic  jam”  

Botnet  Threat  

11 Copyright © 2012, Elsevier Inc.

All rights Reserved

C hapter 1 – Introduction Fig.  1.4  –  Sample  DDOS  aDack  from  a  

botnet  

12

Na#onal  Cyber  Security     Methodology  Components  

Copyright © 2012, Elsevier Inc. All rights Reserved

C hapter 1 – Introduction •  Ten  basic  design  and  opera#on  principles:  

–  Decep#on    –    Discre#on   –  Separa#on    –    Collec#on   –  Diversity      –    Correla#on   –  Commonality      –    Awareness   –  Depth        –    Response  

13

•  Deliberately  introducing  misleading  func#onality  or   misinforma#on  for  the  purpose  of  tricking  an   adversary   –  Computer  scien#sts  call  this  func#onality  a  honey  pot  

•  Decep#on  enables  forensic  analysis  of  intruder   ac#vity  

•  The  acknowledged  use  of  decep#on  may  be  a   deterrent  to  intruders  (every  vulnerability  may   actually  be  a  trap)  

Copyright © 2012, Elsevier Inc. All rights Reserved

C hapter 1 – Introduction

Decep#on  

14 Copyright © 2012, Elsevier Inc.

All rights Reserved

C hapter 1 – Introduction Fig.  1.5  –  Components  of  an  interface  

with  decep#on  

15

•  Separa#on  involves  enforced  access  policy   restric#ons  on  users  and  resources  in  a  compu#ng   environment  

•  Most  companies  use  enterprise  firewalls,  which  are   complemented  by  the  following:   –  Authen#ca#on  and  iden#ty  management   –  Logical  access  controls   –  LAN  controls   –  Firewalls  

Copyright © 2012, Elsevier Inc. All rights Reserved

C hapter 1 – Introduction

Separa#on  

16

Fig.  1.6  –  Firewall  enhancements  for   na#onal  infrastructure  

Copyright © 2012, Elsevier Inc. All rights Reserved

C hapter 1 – Introduction

17

•  Diversity  is  the  principle  of  using  technology  and   systems  that  are  inten#onally  different  in   substan#ve  ways.  

•  Diversity  hard  to  implement   –  A  single  soQware  vendor  tends  to  dominate  the  PC   opera#ng  system  business  landscape  

–  Diversity  conflicts  with  organiza#onal  goals  of  simplifying   supplier  and  vendor  rela#onships  

Copyright © 2012, Elsevier Inc. All rights Reserved

C hapter 1 – Introduction

Diversity  

18 Copyright © 2012, Elsevier Inc.

All rights Reserved

C hapter 1 – Introduction

Fig.  1.7  –  Introducing  diversity  to   na#onal  infrastructure  

19

•  Consistency  involves  uniform  aDen#on  to  security   best  prac#ces  across  na#onal  infrastructure   components  

•  Greatest  challenge  involves  audi#ng   •  A  na#onal  standard  is  needed  

Copyright © 2012, Elsevier Inc. All rights Reserved

C hapter 1 – Introduction

Commonality  

20

•  Depth  involves  using  mul#ple  security  layers  to   protect  na#onal  infrastructure  assets    

•  Defense  layers  are  maximized  by  using  a   combina#on  of  func#onal  and  procedural  controls  

Copyright © 2012, Elsevier Inc. All rights Reserved

C hapter 1 – Introduction

Depth  

21 Copyright © 2012, Elsevier Inc.

All rights Reserved

C hapter 1 – Introduction

Fig.  1.8  –  Na#onal  infrastructure   security  through  defense  in  depth  

22

•  Discre#on  involves  individuals  and  groups  making   good  decisions  to  obscure  sensi#ve  informa#on   about  na#onal  infrastructure  

•  This  is  not  the  same  as  “security  through  obscurity”  

Copyright © 2012, Elsevier Inc. All rights Reserved

C hapter 1 – Introduction

Discre#on  

23

•  Collec#on  involves  automated  gathering  of  system-­‐ related  informa#on  about  na#onal  infrastructure  to   enable  security  analysis    

•  Data  is  processed  by  a  security  informa0on   management  system.  

•  Opera#onal  challenges   –  What  type  of  informa#on  should  be  collected?   –  How  much  informa#on  should  be  collected?  

Copyright © 2012, Elsevier Inc. All rights Reserved

C hapter 1 – Introduction

Collec#on  

24 Copyright © 2012, Elsevier Inc.

All rights Reserved

C hapter 1 – Introduction

Fig.  1.9  –  Collec#ng  na#onal   infrastructure-­‐related  security  

informa#on  

25

•  Correla#on  involves  a  specific  type  of  analysis  that   can  be  performed  on  factors  related  to  na#onal   infrastructure  protec#on   –  This  type  of  comparison-­‐oriented  analysis  is  indispensable  

•  Past  ini#a#ves  included  real-­‐#me  correla#on  of  data   at  fusion  center   –  Difficult  to  implement  

Copyright © 2012, Elsevier Inc. All rights Reserved

C hapter 1 – Introduction

Correla#on  

26

Fig.  1.10  –  Na#onal  infrastructure  high-­‐ level  correla#on  approach  

Copyright © 2012, Elsevier Inc. All rights Reserved

C hapter 1 – Introduction

27

•  Awareness  involves  an  organiza#on  understanding   the  differences  between  observed  and  normal  status   in  na#onal  infrastructure  

•  Most  agree  on  the  need  for  awareness,  but  how  can   awareness  be  achieved?  

Copyright © 2012, Elsevier Inc. All rights Reserved

C hapter 1 – Introduction

Awareness  

28 Copyright © 2012, Elsevier Inc.

All rights Reserved

C hapter 1 – Introduction

Fig.  1.11  –  Real-­‐#me  situa#on   awareness  process  flow  

29

•  Response  involves  the  assurance  that  processes  are   in  place  to  react  to  any  security-­‐related  indicator   –  Indicators  should  flow  from  the  awareness  layer  

•  Current  prac#ce  in  smaller  corporate  environments   of  reducing  “false  posi#ves”  by  wai#ng  to  confirm   disaster  is  not  acceptable  for  na#onal  infrastructure    

Copyright © 2012, Elsevier Inc. All rights Reserved

C hapter 1 – Introduction

Response  

30 Copyright © 2012, Elsevier Inc.

All rights Reserved

C hapter 1 – Introduction

Fig.  1.12  –  Na#onal  infrastructure   security  response  approach  

31

•  Commissions  and  groups   •  Informa#on  sharing   •  Interna#onal  coopera#on   •  Technical  and  opera#onal  costs  

Copyright © 2012, Elsevier Inc. All rights Reserved

C hapter 1 – Introduction

Implemen#ng  the  Principles   Na#onally