Trains, Planes, & Automobiles
Reducing cyber security risks
Presented by Leonard Jacobs, MBA, CISSP, CSSA
Founder, President and CEO of Netsecuris Inc.
© 2016 Netsecuris Inc. All rights reserved.
What is it about? What it is not?
This presentation is about:
The What-ifs
The possibilities
This presentation is not about:
Absolutes
Products
Are we still sure there is no cyber risk?
Is Rail Immune?
Rail Systems Potentially Vulnerable Train Operations
HMI
Propulsion
Braking
Door Controls
Signaling Interfaces
Automatic Train Control
Fire Detection
Emergency Systems
Remote Diagnosis/Fault Monitoring
Remote Software Updates
Are Aircraft Immune to Cyber Attacks?
Are Aircraft Really Immune to Cyber Attacks?
What about Internet Connectivity with Aircraft Systems?
Aircraft controls are getting more sophisticated
Is there cyber security risk in the world of motion?
Are we absolutely, positively sure?
A Different Cyber Attack on Car
Not another automobile attack!
Oh no! Can we safely drive a car?
When you connect a car to the Internet, it is no longer just a car: it is a computer on wheels.
Legislation aptly named the “Security and Privacy in your Car Act” is currently under consideration by Congress.
Cyber Attack on an Automobile
Source: Intel Security
Internet of Things
Shift in Cybersecurity Thinking
Expands the cybersecurity landscape
Old ways vs. New ways
Take traditional cybersecurity measures and adapt
Ability to apply traditional cybersecurity measures as is
IoT Sensors
Cybersecurity Solutions
Non-signature based Detection/Prevention
Not traditional Anomaly Detection/Prevention
Behavioral Baselining
Determining what is normal
Looking for the unusual
Network Security Monitoring
Not dependent on any one source of data
Uses the best computer we have
Threat Centric vs. Vulnerability Centric
Goalie vs. Brick Wall
Network Security Monitoring
Threat Centric
Prevention will eventually fail
Focuses on collection
Combines intelligence with every attack
Cyclical process
Not just reliant on known signatures
Network Security Monitoring
Tools
Suricata (Open Information Security Foundation)
Bro
Wireshark (Tshark)
TCPDump
Netflow
Security Onion
Network Cloaking
Host Identity Protocol (HIP)
IETF RFC 7401 Host Identity Protocol v2 and RFC 4423 HIP Architecture
HIP separates the end-point identifier and locator roles of IP addresses.
In HIP networks, IP addresses are eliminated and replaced with cryptographic host identifiers.
HIP is ideal for cloaking the identity of ICS devices and hiding their IP address.
Network Cloaking
Implements “Zero Trust” Model
Device A trusts Device B but not Device C
But Device B can be allowed to trust Device C
Secure the communications even further with high level of encryption so no traffic can be interpreted except by the end points that trust each other.
All orchestrated efficiently and quickly
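The pairwise trust model on the two Network Cloaking slides, sketched as an added example (not from the original presentation or from any HIP implementation). Assumptions: the identifier is a truncated SHA-256 of the public key, a simplified stand-in for the Host Identity Tag encoding HIP defines; the keys and IP addresses are constructed; and each peer is assumed to have already proven possession of its private key.

```python
import hashlib

def host_identifier(public_key: bytes) -> str:
    """Simplified cryptographic host identifier (assumption: not the real HIT format)."""
    return hashlib.sha256(public_key).hexdigest()[:32]

class TrustPolicy:
    """Explicit, pairwise trust between host identifiers. Trust is never transitive."""

    def __init__(self):
        self._pairs = set()  # each entry is an unordered pair of identifiers

    def allow(self, key_a: bytes, key_b: bytes) -> None:
        self._pairs.add(frozenset((host_identifier(key_a), host_identifier(key_b))))

    def admits(self, src_key: bytes, dst_key: bytes, src_ip: str) -> bool:
        # src_ip is only a locator: it is accepted for logging but
        # deliberately plays no part in the access decision.
        pair = frozenset((host_identifier(src_key), host_identifier(dst_key)))
        return pair in self._pairs

# Constructed sample keys standing in for real public keys.
KEY_A = b"constructed-public-key-device-A"
KEY_B = b"constructed-public-key-device-B"
KEY_C = b"constructed-public-key-device-C"
KEY_ROGUE = b"constructed-public-key-rogue"

def build_policy() -> TrustPolicy:
    policy = TrustPolicy()
    policy.allow(KEY_A, KEY_B)  # Device A trusts Device B
    policy.allow(KEY_B, KEY_C)  # Device B is allowed to trust Device C
    return policy

def demo() -> dict:
    p = build_policy()
    return {
        "A->B": p.admits(KEY_A, KEY_B, "10.0.0.5"),
        "A->B after A changes IP": p.admits(KEY_A, KEY_B, "172.16.9.20"),
        "A->C (no transitive trust)": p.admits(KEY_A, KEY_C, "10.0.0.5"),
        "B->C": p.admits(KEY_B, KEY_C, "10.0.0.6"),
        "rogue reusing A's IP": p.admits(KEY_ROGUE, KEY_B, "10.0.0.5"),
    }

if __name__ == "__main__":
    for case, allowed in demo().items():
        print(f"{case}: {'allow' if allowed else 'deny'}")
```

Because the decision is keyed on the identifier, a device keeps its access when its address changes, and a host that only copies a trusted address gains nothing.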
Cybersecurity Intelligence
Those with the data will be the “winner.”
Provides an “early warning system.”
Feeds your cybersecurity control devices
Examples:
CRISP Program
SoltraEdge
A whole slew of commercial and free resources
Miniaturization of Cybersecurity™
Integration of cybersecurity onto silicon
EZ Chip -> Mellanox (Tilera) and Suricata
Intel’s acquisition of McAfee
Firewall and IDS/IPS Everywhere
Fast Response Times
Contact Information
Leonard Jacobs, MBA, CISSP, CSSA
President/CEO
Email: [email protected]
Office: +1 (952) 641-1421
Thank You and Questions