Physical and Cyber Attacks

Inspirational Quote

Country in which there are precipitous cliffs with torrents running between, deep natural hollows, confined places, tangled thickets, quagmires and crevasses, should be left with all possible speed and not approached.

- Sun Tzu

Underlying Principles

Separation of physical and cyber security no longer possible

Physical events can have cyber consequences

Cyber events can have physical consequences

Understanding the cyber environment is now an essential element of developing and maintaining situational control

The nature of cyberspace means that the old “fortress” mentality is no longer viable

Physical Security

• Physical security critical to security of cyber environment – essential during advance visits
• Loss of physical infrastructure can cause loss of cyber infrastructure
• Must consider both material and human factors

Impacts

• Unmonitored activity of outsiders can increase risk to networked systems through unauthorized access
• Weak security practices at IT centers increase risk of unauthorized access to both the facility and network systems
• Unmonitored employee activity significantly increases the insider threat

Security Policies

• Does the organization have physical and cyber security policies?

• Have they been reviewed with respect to each other?

• Are the parties responsible for these policies in contact?

• What are the enforcement methods?

Specific Policy Areas of Concern

• Hiring and firing
• Outsourcing contracts
• Visitors
• Customers/sponsors
• Special events

Facility Controls

• Are the physical security plans for the facility documented and tested?
• To what degree is the physical security dependent on computers and information networks?
• Policies and procedures for visitors?
• Do new or renovated facilities have computer controlled elevators, escalators, security systems, or fire doors?
• Are these systems isolated or are they connected via the Internet to an external security provider?

Personnel Controls

• Background checks
• Access Logs / work patterns
• Proactive management
• Problem resolution

Physical Protection of Information Resources

How is physical access to remote nodes controlled?

What precautions are taken to minimize access to servers, cabling, routers, etc.?

What access controls are in place?

How are the access controls updated and managed?

How are system components physically safeguarded?

Are audit and monitoring records routinely examined for anomalies and necessary corrective actions? By whom?

Network Security

What does the network look like?

What is the connectivity between networks?

Can the network be accessed from the outside?

What encryption protocols (if any) are in use on the network?

Network Concerns

Is redundancy built into the network?

Are all necessary security patches in place?

How often are security patch requirements reviewed?

Are there external nodes on the network, and if so, are any of them wireless?

Is the network administered on-site or at a remote facility?

Physical Protection of Personnel

• Emergencies
• Travel
• Commuting
• Environment
  – Pollution
  – Disease
• Assembly/communication

Information Protection of Physical Resources

• What information regarding the facility is available on the network?

• Is there information about guests, employees, critical functions available? (scheduling, credentialing, etc.)

• What access controls are in place for this information? (technology, procedure)

• Is sensitive or critical information protected by secure, offsite storage and backups?

• Is the integrity of installed software and data verified regularly? How?

• Are all changes to IT hardware and software planned, controlled, and documented?

• Is unique user identification required for all information system users, including third-party users?

Information Protection of Personnel

• Personally-identifying information
• Personally-threatening information
• Personally-compromising information
• Localization/schedule information

Personnel Protection of Information

• Training
• Awareness
• Process
• Follow-up
• Value

Example Impacts

• Interruption of emergency services
  – 911 service off line
  – Disruption of hospital networks
  – Potential loss of life
• Interruption of power grid
  – Disruption of services dependent on power
    • Hospitals
    • Hazardous material facilities
    • Secure facilities
  – Traffic control in chaos
  – Potential financial loss enormous

Cascade Impacts

• Interruption of Telecommunications
  – Impact on all levels of communications
  – Severe impact on financial services
  – Loss of communications with public impacts confidence in government
  – Potentially serious impact on military logistics (over 90 percent of all logistics over private infrastructure)
• Interruption of Transportation
  – Disruption of commerce
  – Foodstuffs and fuel deliveries interrupted
  – Potential hazardous material compromises
  – Direct impact on population