what does this have to do · evolution of the cyber threat landscape digital information processing...
TRANSCRIPT
Source: Pixabay.com
What does this have to do with Cyber Security?
Source: Pixabay.com
In late June 2017, the owner of the Durex condoms brand, Reckitt Benckiser Group plc, fell victim to the NotPetyaransomware …
Reckitt Benckiser was forced to publish a statement on their
website
Source: https://www.rb.com/media/news/2017/june/rb-confirms-it-is-affected-by-cyber-attack/
What happened and
why*?*speculative
Scenario #1: The office network as source
Office Network
Production Network
Data Monitor ERP
Engineering Station
Scenario #2: The production network as source
Office Network
Production Network
Data Monitor ERP
Engineering Station
Service
What were the
consequences?
Reckitt Benckiser was forced to publish an update on the
cyber-attack
Source: https://www.rb.com/media/news/2017/june/cyber-attack-july-4-update/
Reckitt Benckiser was forced to publish an update on the
cyber-attack – including an estimate of financial effect
Source: https://www.rb.com/media/2989/rb-rns-6-july-2017.pdf
Evolution of the cyber threat landscape
Digital Information Processing Digital Connectivity Digital Automation and Intelligence
1950s – 1960s 1980s 20151999 2010s1970s 19911990s 2020s2000s
Home computer is introduced
Computers make their way
into schools, homes, business
and industry
Digital enhancement of
electrification and automation
The World Wide Web becomes
publicly accessible
The globe is connected
by the internet
Mobile flexibility
Cloud computing enters the
mainstream
Internet of Things, Smart
and autonomous systems,
Artificial Intelligence, Big Data
Industry 4.0
Military, governments and other
organizations implement
computer systems
AOHell
Cryptovirology
Level Seven Crew hack
Denial of service attacks
Cloudbleed
sl1nk SCADA hacks Meltdown/Spectre
AT&T Hack
Blue Boxing
Morris WormPhishing Targeting Critical
Infrastructure
NotPetya
Industroyer/Chrashoverride
WannaCryCyberwar
Stuxnet
The threat landscape keeps growing and changing
and attackers are targeting critical
infrastructures, business processes and
personal and company secrets
Globale Ransomware Attacken
Globale «Targetted» Attacken
Cyber Security Issues during Covid-19
Bild: CDC
Technische Schwachstellen
Prozessuale
Schwachstellen
MenschlicheSchwachstellen
Vorgehen von Angreifern
Cyber Kill Chain (developed by Lockheed Martin)
Bild:https://www.apriorit.com/dev-blog/582-employing-the-mitre-att-ck-matrix
Umgang mit Cyber Risiken
• systematisch
• kontinuierlich
• fokussiert
• geplant
Bild: Siemens
Rufen wir die Superhelden der
Cyber-Security zur Rettung!
…nope…
Wir sind die Superhelden….
6`000`000`000 CHF – wohin damit?
Projekt «Air 2030»
40 Jets inkl. Zubehör für 30 Jahre
Ethical Hackers
670 Mitarbeitende für 30 Jahre
(300`000 CHF/Jahr/Mitarbeiter)
Agiles und Systematisches Bedrohungs- und Risiko-Management wird gute
Antworten liefern!
COVID-19 +
Schutzmassnahmen und
Medikamentenentwicklung
…oder….
…oder doch lieber….
Marco Sieber
Consultant Industrial Cyber Security
Telefon: +41 79 592 71 94
E-Mail: [email protected]
Siemens Schweiz AG
Freilagerstrasse 28
8047 Zürich, Schweiz
Ihr Cyber Security Diskussions-Partner