CYBERSECURITY ISSUES FOR THE CRITICAL INFORMATION INFRASTRUCTURE IN THE OIL AND GAS INDUSTRY

Dmitry Gusev, Deputy Director General, Infotecs JSC

Joint meeting of the IBC “Information and Communication” Working Committee and Russian Federation Chamber of Commerce and Industry, 30 March 2018, Moscow, Russian Federation


©2017 Infotecs JSC

ABOUT US

Infotecs JSC (Information Technologies and Communication Systems)

Founded in 1989. Since 1991, registered among the first Russian joint-stock companies. 26 years of experience in the development of cryptographic and network data protection tools.

A major player in the Russian market of Network security solutions: more than 1 million client software licenses and more than 70,000 server products (software, appliances) sold

A secretary company of TC 26 (Technical Committee for Standardization “Cryptography and Security Mechanisms”)

• 800+ Employees

• 50+ Products

• 9 Offices

• 4 Subsidiaries

• 200+ Partners

VIPNET PRODUCTS PORTFOLIO

• Crypto routers / VPN
• Firewalls / IDS
• HIDS
• Threat Intelligence
• Embedded Crypto Modules / SDKs
• PKI and Applied Cryptography

• Certification
• Education
• Research in information security
• Standardization


ICS Cyber Attacks Statistics

©Mocana Corp.


PROGRESS VS. SECURITY

• Mass implementation of typical ICS
• Using the Internet as a universal data transport
• Integration of ICS with ERP and MES
• Poor updates of ICS
• Rapid development of remote monitoring and control systems
• New global concepts and visions: Industry 4.0, IIoT, Digital Factory, PLM
• Service models in industry (Industry Cloud, SECaaS)

Even one incident on critical infrastructure is enough


SAFETY & CONTROL CONVERGENCE!

Digital systems under cyberattack

2017: Attackers Deploy New ICS Attack Framework “TRITON” and Cause Operational Disruption to Critical Infrastructure

© Kaspersky Lab.


REGULATORY FRAMEWORK IN RUSSIA / ICS SECURITY: STEP BY STEP

Diagram labels: GOST; FSB; FSTEC; Industry requirements

PRESIDENT/GOVERNMENT

• Decree of the President of the Russian Federation No. 683 of December 31, 2015 "On the National Security Strategy of the Russian Federation"
• "The Doctrine of Information Security of the Russian Federation", 12/05/2016

FEDERAL LAW

• No.256-FL "On the safety of fuel and energy facilities"
• Draft federal law "On the Security of the Critical Information Infrastructure of the Russian Federation" of December 2016.

Authorized Bodies (Federal Security Service, Federal Service for Technical and Export Control)

• FSTEC Order No. 31 of March 14, 2014 "On Approval of Requirements for Providing Information Protection in Automated Control Systems"
• "Requirements for firewalls," FSTEC, 2016 (inc. industrial FW).
• "The concept of the state system for detecting, preventing and eliminating the consequences of computer attacks on the information resources of the Russian Federation", December 12, 2014, FSS


RUSSIAN NATIONAL TECHNICAL COMMITTEE FOR STANDARDIZATION «CRYPTOGRAPHY AND SECURITY MECHANISMS» (TC 26) [ISO/IEC JTC1/SC27]

• Sub-Committee 1: State secret cryptography
• Sub-Committee 2: Cryptography for sensitive information for government organization
• Sub-Committee 3: Cryptography for payment systems (National Card Payment System)
• Sub-Committee 4: Mass cryptography, blockchains and IoT/IIoT

TC 26: www.tc26.ru

Cryptography for ICS


APPLIED CRYPTOGRAPHY FOR ICS

Data and command protection

• Integrity

• Confidentiality

• Replay attack protection

• Authenticity

• Legal relevance

Personnel authorization and authentication

• Multifactor authentication

• Secret sharing


ALL ABOUT PRIORITY

Enterprise solutions

• Confidentiality
• Integrity
• Availability

ICS solutions

• Availability
• Integrity
• Confidentiality

Two ways to protect ICS

• External (overlay) tools
• Built-in (embedded) tools


VIPNET INDUSTRIAL/ENTERPRISE SECURITY GATEWAY MODELS [WITH GOST CRYPTO]

55 Mbit/s

100 Mbit/s

1 Gbit/s

2,7 Gbit/s

5,5 Gbit/s

HW100

HW1000

HW2000

HW50

HW5000

ViPNet Coordinator IG10

10 Mbit/s

Quazar™ 10Gbit/s DWDM cryptomodules


VIPNET SIES CORE: FIELD LEVEL CRYPTOGRAPHY

Hardware

• Hardware appliance intended for integration in or with the protected device
• Provides basic cryptographic operations, exposed as a simple crypto API, for implementing security scenarios
• Protected key management and storage
• Passive mode connection to the protected device via UART, SPI, USB, I2C technical interfaces
• Designed as a miniPCIe module
• Industrial design and power supply: -40…+75 °C, 4…17 V DC, 0.7 W (at 5 V)

or

Software

• A set of software crypto libraries for integration, for Windows/Linux and x86, ARM, MIPS (Baikal) architectures

CRISP (Cryptographic Industrial Security Protocol): sessionless protocol for data transfer protection in ICS/IIoT


[Figure: Cyber protection of the gas pipeline control system. Diagram labels: SCADA Server; OPC UA Server; I/O servers; ViPNet SIES Server; workstations (АРМ); РВС; RS-485; telemechanics; valve stations (КАМ200-80); satellite and GSM links; ViPNet SIES Core.]


Project of Russian ecosystem of trusted platform


Thank you for your attention!