R&D for Cyber Security in Mobile Networks

2016

Per M. Gustavsson, PhD Senior Advisor Cyber Security


Reused from a presentation from CDCiber, Brazil (2012)

The Mix

Cyber (Network)

Kinetic

A View on Kinetics and Cyber

Some attack vectors

• Intercept and modify deliveries of network infrastructure equipment

• Lack of security measures

• Collaboration vs Common understanding of security levels

• Misconfigured or outdated security measures

• Social Engineering & Manipulation

• APT – Advanced Persistent Threats

• Precision Targeted Malware (e.g. Stuxnet, Duqu, Flame)

• Denial of Service (DoS)

• Delivery Time of messages

• Data Correctness / Degradation (over time)

• Seizure / Capture of buffer unit

Friday evening

Bad recruitment

Malware, Net and AirGap

Eavesdropping, packet insertion

Cyber security

Functions of Command and Control

• Gathering information on own forces, the enemy, the weather and the terrain
• Finding means to store, retrieve, filter, classify, distribute and display the information
• Assessing the situation
• Laying down objectives and working out alternative means for attaining them
• Deciding what to do
• Planning
• Writing orders and transmitting them as well as verifying their arrival and proper understanding by the recipients
• Monitoring the execution by means of feedback, at which the process repeats itself

Van Creveld (1985)

[Figure: Network Enabled Capabilities (After Ruud van Dam 2004, Alberts & Hayes). Domains: Physical Domain, Information Domain, Cognitive Domain. Labels: See first, more; Sense making, Understand, Faster and Better; Planning, Decide, Faster and Better; Execution, Act Decisively; Information Superiority; Knowledge Superiority; Decision Superiority; Effects Superiority; Network Enabled Capability.]

Shortly after the turn of the millennium

Around the turn of the millennium

Shortly after the turn of the millennium

12 9 25 3 12 18 8 5 – 45 30 28 1

• What is happening
• Old and new
• Hype scouting
• Threats / risks / opportunities
• And are we any smarter

[Figure: Command Post and Enablers (* Partial System Listing): SKL, ASIP SINCGARS, CSS VSAT, TACSAT, AN/PRC-150C, EPLRS, Smart-T, JNN, GBS, DCGS-A, Warlock, DTSS, TAIS, IMETS, ACT-E, MCS, BCS3, ADAM Cell, IDM-T, ISYSCON v4, DCGS-L, GCCS-A, BCCS, 117G, BFT/FBCB2, AFATDS, SIPR, NIPR, VOIP, CPOF, A2C2S, Generators, Displays, Shelters & ECUs, MC OTM.]

The C2 Challenge

[Figure: EMERGING TECHNOLOGY TRENDS, 2014 (© 2014 Gartner). Phase annotations (partial): "Often no usable products exist"; "Producers of the technology shake out or fail"; "success stories and scores of failures"; "how the technology can benefit the enterprise start to crystallize"; "2nd-3rd generation"; "Mainstream adoption starts to take off". Highlighted items: IoT, Autonomous Vehicles, Smart Robots, Cloud, Quantum, Big Data, Critical Infrastructure, Privacy (Integritet).]

Big Data

Volume
• TB, PB, EB, ZB
• Records
• Transactions
• Files

Velocity
• Batch
• Sparse
• Interval
• Near Real-Time
• Real-Time

Variety
• Structured
• Unstructured
• Semi-Structured
• Multi-Structured


[Figure: hype cycle (axis labels: Expectations, Visibility) for Internet of Things, with year markers 2011, 2012, 2013 and 2014. After Gartner 2008-2014.]

Gadgets are used in ways other than those they were built for: challenges for security

TRADITIONAL IT SECURITY

SITUATION TODAY

RTO-MP-MSG-076 #14 2010-09-17 Per M. Gustavsson

MULTILEVEL SECURITY – A WET BLANKET

[Figure: two information zones, Zone 1 and Zone 2. Labels: Information Zone 1 Object Model; Information Zone 2 Object Model; Information Exchange Object Model; T(x); Datamanager; Connectivity Driver SSL; Connectivity Driver RTPS; IPSec; IP; Network.]

Sieves and filters (data diode) allow and prohibit information to leave and enter.

An Information Exchange Object Model contains only the information that is to be exchanged.

Easy WiFi, mobile Roaming

Easy Roaming

ENCRYPT MORE

[Figure: hype cycle (axis labels: Expectations, Visibility) for Quantum Computers, with year markers 2011, 2012, 2013 and 2014. After Gartner 2008-2014.]

© 2005 Roy Kasltschmidt

QUANTUM and Cyber Security

• Quantum computers calculate faster
• Quantum cryptography provides better key distribution

D-Wave Systems Inc.

QUANTUM and Cyber Security

Vadim Makarov

RSA

PGP ECC

• Quantum computers calculate faster
• Quantum cryptography provides better key distribution

Secret Double Octopus

AUTONOMOUS SYSTEMS

COM ADS-B Video Radar

IR

GPS

IMU

Magnetometer

Pilot system

Guidance

Navigation Control

• Communication Control System: Break into communication protocols and then gain access. Application Logic: EW
• Application Logic: Incorrect data – manipulation of sensors, system status data, navigation data, C2
• Control Systems: Prevent the CPU/HW from functioning as intended – buffer overflow, system resets, malicious code, HW modifications

Mission plan

• Hardware attack – Access to physical system
• Communication attack – via communication or support systems
• Sensor spoofing – False data

Campos Basin Scenario - ADS-B

The scenario is the Air Traffic Control operations in the Campos Basin.

The Campos Basin is a petroleum rich area located in the Rio de Janeiro state, and is responsible for 80% of Brazil's petroleum production (1 million 265 thousand barrels).

Oil development operations include heavy helicopter traffic between the continent and oceanic fields during daytime, with an average of 50 minutes per flight.

[Figure: map with legend: Airfield, Oil Field]

WHAT ARE THE ASSETS

Business Layer
• Revenue - OIL
• Organization/Management
• Awareness, Planning, Execution
• Supply Chain of
  • Strategic Guidance
  • Concept Development
  • Plan Development
  • Plan Assessment
  • Orders

----------------

Technology
• Application layer
• Information layer
• Mission Assurance Layer
• Networking Layer
• Telecommunications Layer
• Sensors, Actuators & Data Layer

Campos Basin Scenario

The main airport in the Region (Macaé) has a Radar Station that supports the Air Traffic Service (ATS) within the Terminal Control Area (45 NM radius from the airport based at 9500 feet).

Most oil platforms are located more than 60 Nautical Miles from Macaé and the helicopter flights are carried out at low altitude.

Therefore, the ATS provided on most of the oceanic area is based on non-radar procedures, which significantly reduces the efficiency of air operations.

Campos Basin Scenario – ADS-B

[Figure: map with legend: Radar Coverage, ADS-B Coverage]

Link 16 from a Google search

Marketing info (Northrop Grumman):

Paper from Australian Government, Department of Defence;

"Extending the Wireshark Network Protocol Analyser to Decode Link 16 Tactical Data Link Messages"

http://dspace.dsto.defence.gov.au/dspace/handle/dsto/10478

U.S. military tactical data links vulnerable to electromagnetic warfare threat, according to Committee report

“The committee believes that future conflicts against threats with anti-access/area-denial capabilities could see significant threats to U.S. airborne and ground tactical data links. However, the committee is concerned that many such data links are not currently designed or funded to operate against a robust electromagnetic warfare threat. …"

http://groundreport.com/u-s-military-tactical-data-links-vulnerable-to-electromagnetic-warfare-threat-according-to-committee-report/

"… It should be noted that China has developed, as early as 2007 what is called a virtual road map for attacking tactical data link communications:

They have carefully consulted dozens of corporate web sites and military tactical data link operator guides, as well as North Atlantic Treaty Organization (NATO) and U.S. military tactical and technical manuals, to produce a virtual guidebook for electronic warfare and jamming to disrupt critical U.S. cooperative target engagement and command, control, communications, computers, and intelligence, surveillance and reconnaissance (C4ISR) data links: Tactical Data Links in Information Warfare"

Mobile systems: TWIPR-SC makes your antenna part of the adversary's sensor platform

• AirHopper (78 MHz): Tx: display cable, Rx: FM receiver, 7 m, 104-480 bit
• Ultrasonic ( ): Tx: speaker, Rx: microphone, 20 m, 20
• Savat (80 kHz): Tx: CPU/memory, Rx: dedicated, 1, N/A
• BitWhisper: Tx: CPU/GPU, Rx: heat sensor, 0,5, 8 bit/h
• GSMem (800 MHz)

EU? SWEDEN?

EU? SWEDEN? Norway - Gjövik

JSOC CIA NSA

The Cyber Security Industry in Israel

• Government resolution on tax breaks for employment in Cyberspark
• Ben-Gurion University
• High Tech Park (ATP)
• IDF Technology Campus
• CERT-IL
• Cyber Security Research Center

Designated vehicles on top of general investments:
• MASAD, with the MoD’s DDR&D: $10 million (2013-2014)
• KIDMA, with the MoE’s OCS: $25 million (2013-2014)
• Government resolution on tax breaks in the Cyberspark

• 300 companies (about 100 are new)
• 20 MNCs with related R&D activity
• Annual exports of $3 billion
• Nearly $200 million raised in 2014
• ~5% of the global market and ~10% of VC deals

Friday evening

Bad recruitment

Malware, Net and AirGap

Eavesdropping, packet insertion

Cyber security

Cyber security: some tips

Security topic | Minimum | "Recommended"
Technical Infrastructure | Standards & Procedures | Hardening & Audits
Supplier Management | Procurement Procedures | Technical Lot audits
Configuration Management | Standards & Procedures | Configuration audits
Security Awareness | Security trainings | Continuous HR checks
Network Control | Network Monitoring | Network Traffic Analysis
WiFi Control | Network Monitoring | WiFi Scanning/Sniffing
Common Security Levels | Common Understanding | Defined Standard

Standards and Controls

The only security tech worth anything is the one that gets used

The solution must be easy to use:
• for the users
• for the administrators
• for the developers
• for the integrators

SECURITY IS DIFFICULT