Cyber Security - Non-intrusive OT Security Explained in Practice Using Examples from Various Industries

IT security in production networks is the topic of the hour. Examples of real attack scenarios can be found in abundance in the media. In this talk we want to show in practical terms how you can reliably protect production networks, detect attacks faster, and meet the requirements of the IT Security Act 2.0 (IT-Sicherheitsgesetz 2.0) as well as the guidance in BSI CS 134.

Speaker:
Markus Woehl, authorized signatory and International Business Development Manager, VIDEC Data Engineering GmbH
__________________________________________________________________________

Scenario: Manufacturing plant receives remote service, importing malware in the process.

Good service technicians are hard to find. Often travel costs bear no proportion to the expenses incurred in the production plant.

An operator has quality problems with a newly delivered component in his machine park. After completion of the work the component's commissioning engineer is already on another construction site in China. The operator requests that the commissioning engineer dials into the system with his service laptop via a secure VPN access from the hotel and carries out the work subject to warranty.

At first sight, the quality problems appear to be solved. What the operator does not know yet: the service laptop of the commissioning company is infected with an APT (Advanced Persistent Threat). This APT begins to spread throughout the operator's network, using a DNS relay to transmit the collected data to its "Command & Control Center". After 4 months, the attacker decides to sell the data to the operator's main competitor; another month later, the attacker is tasked by the competitor to significantly damage the operator's production facility. The attacker changes the setpoint values of the production line and at the same time falsifies the actual quality-relevant values, causing products that do not conform to the specifications to be sold. The resulting damage to the company's image is enormous, with costs for recall and repair becoming prohibitive.

If the operator had secured his OT network by using anomaly detection, such as IRMA, he would have known already on first contact of the APT with the "Command & Control Center" that something unplanned was going on. In addition, the use of IRMA provides an ideal knowledge base for the detailed configuration of industrial firewalls, so that availability and security can be applied at an excellent quality level.

Speaker:
Markus Woehl, Authorized representative International Business Development, VIDEC Data Engineering GmbH

#sps #cybersecurity #itsicherheit