Future and Emerging Threats in ICT

Similar documents
Cyber Security and Cyber Fraud

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

Summary of Cyber Security Issues in the Electric Power Sector

European Union Agency for Network and Information Security

How can the Future Internet

Bradford J. Willke. 19 September 2007

Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

ENISA EU Threat Landscape

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

Critical Infrastructure Protection (CIP) as example of a multi-stakeholder approach.

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

Enhancing the cyber security &

Challenges in Developing National Cyber Security Policy Frameworks

Valérie Andrianavaly European Commission DG INFSO-A3

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

A Security View-point

Cybersecurity Standards Coordination and Deployment Strategies: CITEL Initiatives

The Australian Government s Approach to Critical Infrastructure Resilience

THE RTOS AS THE ENGINE POWERING THE INTERNET OF THINGS

Discussion on MS contribution to the WP2018

Examining future priorities for cyber security management

Cybersecurity and Vulnerability Assessment

About Issues in Building the National Strategy for Cybersecurity in Vietnam

Critical Infrastructure

Security and resilience in Information Society: the European approach

Cyber Security in Europe

Security and resilience in the Information Society: the role of CERTs/CSIRTs in the context of the EU CIIP policy

Security in India: Enabling a New Connected Era

Modelling Cyber Security Risk Across the Organization Hierarchy

EPRI Research Overview IT/Security Focus. Power Delivery & Energy Utilization Sector From Generator Bus Bar to End Use

Supply Chain Integrity and Security Assurance for ICT. Mats Nilsson

Commonwealth Cyber Declaration

NEW INNOVATIONS NEED FOR NEW LAW ENFORCEMENT CAPABILITIES

Cybersecurity & Digital Privacy in the Energy sector

ASREN Arab States Research and Education Network

Innovation policy for Industry 4.0

The NIS Directive and Cybersecurity in

CYBER RESILIENCE & INCIDENT RESPONSE

Doug Couto Texas A&M Transportation Technology Conference 2017 College Station, Texas May 4, 2017

Forum. Ningbo, China 25 February

Secure Technology Alliance Response: NIST IoT Security and Privacy Risk Considerations Questions

BUSINESS CONTINUITY MANAGEMENT

Promoting Global Cybersecurity

The University of Queensland

L2 - Internet of Things

Intelligent and Secure Network

Security by Default: Enabling Transformation Through Cyber Resilience

Sage Data Security Services Directory

Securing Europe s IoT Devices and Services

G7 Bar Associations and Councils

Paper. Delivering Strong Security in a Hyperconverged Data Center Environment

Control Systems Cyber Security Awareness

An Operational Cyber Security Perspective on Emerging Challenges. Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL)

Cybersecurity for Health Care Providers

Cyber Security Technologies

Internet of Things Toolkit for Small and Medium Businesses

A practical guide to IT security

Information Security Controls Policy

Data Governance for Smart City Management

Regulation and the Internet of Things

Version 11

Run the business. Not the risks.

The modern car has 100 million lines of code and over half of new vehicles will be connected by 2020.

Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018

CITEL s s Focus on Cybersecurity and Critical Infrastructure Protection CITEL

ANATOMY OF AN ATTACK!

Orange Smart Cities. Smart Metering and Smart Grid : how can a telecom operator contribute? November

10 Cybersecurity Questions for Bank CEOs and the Board of Directors

716 West Ave Austin, TX USA

The European Policy on Critical Information Infrastructure Protection (CIIP) Andrea SERVIDA European Commission DG INFSO.A3

Entertaining & Effective Security Awareness Training

Position Paper of the ASD Civil Aviation Cybersecurity Taskforce

HP Fortify Software Security Center

CISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1

EMPOWER PEOPLE IMPROVE LIVES INSPIRE SUCCESS

The FIRST Project and the Future Internet National Research Programme

DEx. Other initiatives, ongoing projects and applications within the strategic program Automotive Security and Privacy.

Preempting Cyber Fraud: SWIFT Threat Indicator Sharing Tool. Cyber Security 3.0 Better Together August 18, 2017

Mission: Continuity BUILDING RESILIENCE AGAINST UNPLANNED SERVICE INTERRUPTIONS

An Overview of Smart Sustainable Cities and the Role of Information and Communication Technologies (ICTs)

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

Government IT Modernization and the Adoption of Hybrid Cloud

Express Monitoring 2019

to protect the well-being of citizens. Fairfax is also home to some Fortune 500 and large

AIIC Associazione Italiana esperti Infrastrutture Critiche AIIC (1)

SAINT PETERSBURG DECLARATION Building Confidence and Security in the Use of ICT to Promote Economic Growth and Prosperity

Internet of Things (IoT) Attacks. The Internet of Things (IoT) is based off a larger concept; the Internet of Things came

Governance Ideas Exchange

Introduction to Device Trust Architecture

Cyber Security: Are digital doors still open?

Securing the Smart Grid. Understanding the BIG Picture 11/1/2011. Proprietary Information of Corporate Risk Solutions, Inc. 1.

5 Trends That Will Impact Your IT Planning in Layered Security. Executive Brief

The Global Cybercrime Industry

LTI Security Services. Intelligent & integrated Approach to Cyber & Digital Security

Secure Societies Work Programme Call

SRA A Strategic Research Agenda for Future Network Technologies

Safeguarding company from cyber-crimes and other technology scams ASSOCHAM

Information sharing in the EU policy on NIS & CIIP. Andrea Servida European Commission DG INFSO-A3

National Policy and Guiding Principles

Transcription:

Future and Emerging Threats in ICT www.ict-forward.eu Edita Djambazova Institute for Parallel Processing Bulgarian Academy of Sciences 1

Description ICT-FORWARD is a Coordination Action that aims at promoting collaboration and partnership between researchers from academia and industry involved in the protection of ICT infrastructures against cyber threats. 2

Consortium 3

Motivation Security research in Europe is fragmented. FORWARD is a Coordination Action aimed at bringing together academics, industry experts, and policy makers who are actively working on addressing emerging threats in ICT infrastructures. ICT is a complex field that involves many domains and affects systems outside the network. The ICT landscape is rapidly and constantly changing. To counter the emerging and future ICT threats there is need for coordinated research activity and multi-domain cooperation. 4

Objectives Establish focused working groups to perform in-depth analysis of emerging and future ICT threats. Set up a community platform to enable continuous review of threat landscape and disseminate the results. Foster community building by organizing face-to-face workshops involving leading experts in the field. Compile threat scenarios to summarize the working group findings and outline future research roadmaps. 5

FORWARD's activity Working groups: Malware and Fraud Smart Environments Critical Systems Workshops First FORWARD Workshop in Goteborg, Sweden, April 2008 Second FORWARD Workshop in Saint-Jean-Cap-Ferrat, France, May 2009 In-person meetings, teleconferences, mailing lists Dissemination through dedicated panels at securityrelated events, newsletters and papers Web site and blog 6

Threat identification procedure First FORWARD Workshop, 60 experts from academia, industry, and government Three working groups, including field experts, communicating through mailing lists, teleconferences, in-person meetings of each WG Discussions on the emerging and future threats Threat lists delivered by each working group Discussions on the identified threats at the Second FORWARD Workshop, feedback from 100 experts Consolidated threat list 7

Threat identification procedure 2 Ranking of threats by impact, likelihood, awareness, R&D needed Threat scenarios to demonstrate how a threat could actually be materialized White book with realistic threat scenarios Research roadmap 8

Working groups Malware and Fraud. Malware and fraud-related threats on the Internet. Topics range from novel malware developments over botnets to cyber crime and Internet fraud. Smart Environments. Ordinary environments that have been enhanced by interconnected computer equipment. There is general expectation that a large number of small devices such as sensors and mobile phones will be interconnected. Critical Systems. Critical systems whose disruption of operation can lead to significant material loss or threaten human life. 9

Threat drivers New technologies: Technical advances that provide new functionality. By extrapolation we can foresee much faster networks (both wired and wireless), a substantial increase in parallelism (multi-core machines), and better energy and battery technology. Also, computing devices will become increasingly smaller and cheaper. As a result, they will become more widespread and they can support more and richer applications. New applications: Completely new uses of technology, uses that typically did not exist before or do not have a counterpart in the real world. Social networks, tools that have rapidly reached a significant fraction of the population and that support social interactions among large user groups. Software as a service. Applications are hosted by providers on a large-scale computing infrastructure, such as a cloud. This deployment and computing model is profoundly different from the traditional client-server model, and thus, we need to consider its security implications. New business models: Certain services or applications that might exist already in some form increasingly start to rely on a working ICT infrastructure. For example, online shopping, online banking, and even e-government. New social dynamics and the human factor: Possible changes in the way that people approach and use technology and certain applications. 10

Threats list Hardware security and threats Outsourcing Cyber physical systems Cyber warfare Attacks against virtualization IPv6 and direct reachability of hosts Advanced botnets Naming, the role of domain registrars, fast-flux networks Attacks against the network backbone and infrastructure Abuse of social network privacy and trust in online communities Underground economy Attacks against the financial sector/banks New vectors to reach victims Targeted attacks, spear phishing Smart phones and braindead zombies RFID-related threats Threats due to malicious hardware Threats due to false sensor data Threats to system maintainability and verifiability Attacks on office equipment that is not a traditional computer Threats to home automation Threats to aviation security Multicore-related threats. Threats to the wireless plane Privacy threats: spyware in the bedroom Threats due to scale Valuable Resources in Online Gaming 11

Threats list (cont.) Sensors as the New Computing Class New Generation Networks bring new security challenges Wireless communications in critical industrial applications Unforeseen cascading effects Hidden functionality Retrofitting security to legacy systems The use of COTS components and systems Safety takes priority over security The human factor The insider threat to critical infrastructures Cultural differences between control and security communities 12

Scope of the Critical Systems Working Group Critical Systems working group considers the special requirements of ICTs when applied to critical systems and critical infrastructures. Security Threats Critical System Interface ICT (support) Safety Service Delivery The service delivery must not be interrupted 13

Examples of critical systems Traditional critical infrastructures electricity, water, telecommunications, etc. SCADA systems Used in almost all Critical Infrastructures Efforts are already ongoing to protect such systems Financial systems are critical infrastructures that are hardly distinguishable from their ICT supporting component. Many access points Availability to many and diverse users 14

Emerging critical systems Data centers are becoming common and these can be seen as CIs in that they provide data necessary for more traditional CIs (Ex. future air traffic management, cloud computing, etc.) In-vehicle automation and ICT, with remote diagnostics and software updates for vehicles. Embedded (automobile) systems connected to open networks. Some of the problems related to any embedded system are also valid for the connected car. 15

Sensor networks The convergence of control with communication and computation will make sensor networks the new dominant computing class. This computational shift is going to bring a big shift on computer security issues. Common security mechanisms may not be applicable because of limited resources. An attacker can have much more powerful hardware and software than the nodes being attacked. 16

New Generation Networks The general idea behind NGN is that one network transports all information and services (voice, data, other media) by encapsulating them into packets. Openess and easy access of these non-regulated networks lead to an increased number of vulnerabilities, something that calls for large attention to security. NGN is designed to meet complex requirements, which complicates security architecture. Security solutions will differ from those of normal networks. 17

Wireless communications in critical industrial applications Today, wireless communications are not yet widely used for closed-loop control. Compelling technology because of its many advantages: operator mobility, safety, access security for visualization and optimization, and the immediate benefits of their deployment. Prediction that within 10 years, even critical control communications will be wireless. 18

Hidden functionality One threat of paramount importance is that of hidden functionality in systems, and in particular, in software (e.g. secret/undocumented entries to a system). Insertion vector is unknown and its existence difficult to verify. This functionality is totally uncontrolled and can lead to a large range of very detrimental impacts on the system. 19

Retrofitting security to legacy systems Security can seldom be retrofitted to an existing system, but economical constraints might still make this necessary. A better understanding is needed of how to best adapt security to such systems. Analysis of what new features can be added without unnecessary risk. Study the dependability of the different parts. 20

Use of COTS components Commercial Of The Shelf (COTS) components could be general-purpose or specialized software/hardware that is built separately of the system. Used in critical applications to reduce cost and time for design. Use of COTS components in a context never intended for them. Compositional effects of putting COTS systems together have never been tested. The designer has no real control over the product he is introducing into his system. There is no guarantee that there is no hidden functionality. Use COTS components with some fault-tolerant approaches (replication, diversity approach); apply only in non-critical areas; manage heterogeneity; use of compact and trusted application base. 21

Safety takes priority over security In the domain of critical systems both safety and security are important but in certain scenarios, safety takes priority. If the underlying process is about to become critical, security should not block or delay appropriate remedies or counteractions. Should there be a fail-safe system that disables the security (e.g. password requirement) at the local console when parameters in the system indicate a catastrophic event? A better understanding of the domain for the IT security experts is necessary. 22

The Human factor Human is considered to be the weakest point in a critical system. The roles include operators in control rooms, engineers taking technical decisions, managers and decision-makers for future strategy development. Education and training, raising awareness of security risks; sound and evolving security policy; modeling the user ( cognitive modeling ) and user-interactive properties. Rely on automatic procedures! 23

The insider threat to critical infrastructures Insiders are employees with experience of and knowledge about the CS. Attacks of this kind have already taken place. Some interesting results from a study on the insider threat show that a negative work-related event is most likely the trigger to most insiders attacks. Effective strategies for discovering an insider is an open research question. 24

Conclusions We have identified a number of threat areas that need further attention. We will scrutinize the final list of threats and describe some threat scenarios and research directions to counter the threats. The results will be published in a white book to be presented at the end of the project. We would like to capitalize on the large group of experts gathered by FORWARD to build a strong security research community in Europe. 25

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback