vineri, 24 noiembrie 2017

IoT (Internet of Things) Attack | Stuxnet of Iran | Forensic 101

http://bit.do/dTYqQ BeauGauge secret sale page.
Everyone and everything is online now. We live our lives online, we chat online, we shop online and we even learn online. Our finances have shifted online too, especially post demonetisation. The government is striving to make our economy digital. Digital India is their goal. It sounds well and good. A digital economy will mean fewer cash frauds, easier transactions and a significant decrease in the flow of black money. However, going digital isn't really the safest bet. Hacking and online attacks are an everyday phenomenon. Online fraud, identity theft even online robberies happen all around the world on a daily basis. This is one of the main reasons we need to educate and take digital forensics seriously. We at Forensic 101 create videos on the digital frauds and hacks that takes place in day to day life, hence educating people and making internet a safe place. We work closely with DIgital Forensic Solution companies and education institutes. As a technology, IoT is unique since it has a role to play in consumer, enterprise and industrial worlds. At the consumer level, the adoption of IoT for areas including home monitoring & control, wearable tech, and connected cars has already started. At the enterprise level building management, fleet management, hospital management, retail, telecom, and energy sectors are already adopting it for various benefits. Industrial world has been long adopted by Power Grids, Oil & Gas, Utilities, Nuclear Plants and Traffic Control. IoT facilitates integrating the physical world with virtual for example life saving devices embedded in human body and managed from outside without the need for complex surgical procedures is one such example. IoT risks are complex since IoT technology stack has many new components including IoT sensors, protocols, gateways, and management platforms. Ubiquitous use of a technology in wide ranging areas brings forth risks that range from significant to catastrophic. Nuclear facilities can be damaged overnight by compromising the IoT infrastructure. Similarly nation state attacks are expected to target IoT used in power grids and other utilities. Smart cities can get paralyzed in minutes. At a tactical level, every IOT project can follow these security measures: ♦ Build security into IOT architecture with relevant components: Doing so will provide around the box security till the time IOT protocols can be secure by design. This requires adhering to fundamentals including authentication, access control, and encryption. ♦ Build monitoring controls at different levels: This step covers IOT gateways, IOT management platform, IT infrastructure, and cloud monitoring to ensure that attacks are caught early. ♦ Detailed security assessment and penetration testing: These tests are imperative for secured IOT infrastructure before roll out and on a periodic basis. Stuxnet was a 500-kilobyte computer worm that infiltrated numerous computer systems. This virus operated in three steps. First, it analyzed and targeted Windows networks and computer systems. The worm, having infiltrated these machines, began to continually replicate itself. Next, the machine infiltrated the Windows-based Siemens Step7 software. This Siemens software system was and continues to be prevalent in industrial computing networks, such as nuclear enrichment facilities. Lastly, by compromising the Step7 software, the worm gained access to the industrial program logic controllers. Stuxnet Effect on Iran Over fifteen Iranian facilities were attacked and infiltrated by the Stuxnet worm. It is believed that this attack was initiated by a random worker's USB drive. One of the affected industrial facilities was the Natanz nuclear facility. The first signs that an issue existed in the nuclear facility's computer system in 2010. Inspectors from the International Atomic Energy Agency visited the Natanz facility and observed that a strange number of uranium enriching centrifuges were breaking. The cause of these failures was unknown at the time. Later in 2010, Iran technicians contracted computer security specialists in Belarus to examine their computer systems. This security firm eventually discovered multiple malicious files on the Iranian computer systems. It has subsequently revealed that these malicious files were the Stuxnet worm. Although Iran has not released specific details regarding the effects of the attack, it is currently estimated that the Stuxnet worm destroyed 984 uranium enriching centrifuges. By current estimations this constituded a 30% decrease in enrichment efficiency.

Niciun comentariu:

Trimiteți un comentariu