CDIS CV.T.1 APT On ICS
Design and Development
of Secure Infrastructures
UNICV
Postgraduate Programme in Computer Security
Credits: this slide set has been prepared together with Prof. Tiago Cruz,
in the scope of several talks on this subject.
This move, together with the use of ICT and the
increasing adoption of open, documented protocols, exposed
serious weaknesses in SCADA architectures.
[Figure: SCADA water system with Master, Slave 1, Slave 2 and BD. Labels: pump control, flow reading, water pump, water flow sensor, water level sensor, water tank, valve control, valve.]
Theorized
– Everything mechanical
– Water, waste, power, chemical, manufacturing, traffic control…
For Stuxnet to be effective and penetrate the highly guarded installations where
Iran was developing its nuclear program, the attackers had a dilemma to solve:
how to sneak the malicious code into a place with no direct internet connections?
The (probably successful) solution was targeting "high profile" companies.
CDIS UNICV © Paulo Simões - DEI/FCTUC
The APT lifecycle
(APT: Advanced Persistent Threat)
A few examples:
– Duqu
https://en.wikipedia.org/wiki/Duqu
http://www.crysys.hu/publications/files/bencsathPBF11duqu.pdf
– Careto
https://en.wikipedia.org/wiki/Careto_(malware)
– Stuxnet
– …
https://www.wired.com/2016/03/inside-cunning-unprecedented-hack-ukraines-power-grid/