
...

,
Digital Security


: ,

, :
Windows
Linux
Ethernet
HTTP
XML
DCOM
.NET
SOAP
SQL
2002-2014, Digital Security


: ,

1.


2. .

3.
,
.



: ,

1.

2.
3.

4.



- -.
(PLC ,
?)
,
. ( ?)




.

-.

? ?
2002-2013, Digital Security

.

,
.
.
? ? ? ?
, .
? ? , .




(1999) -

.

Davis-Besse (2003) -
SQL Slammer,

.
MAROOCHY WATER BREACH (2000)
3
, .

, , (2011) -
SCADA-

2002-2011, Digital Security

(DSeC RG)


DSecRG

2011-2012:
SCADA:
OPC Systems WellinTech KingSCADA 5

:
WAGO, TECOMAT - 5


OPC Systems .NET ActiveX BOF 0-day DSECRG-00249


OPC Systems .NET ActiveX Unauthorized DOS DSECRG-00249


OPC Systems .NET insecure password storage DSECRG-00248


KingSCADA 3.0 - Insecure password encryption [DSECRG-00247]


WAGO

FTP FTP ( )
HTTP ( )
HTTP ( )
HTTP (CSRF).
SNMP ( )
MODBUS ( )
WAGO Services DOS ( )
CODESYS ( )


MITM HMI ( WAGO)

HMI

ARP Spoofing
MITM

PLC

/IO


DSecRG

2013-2014:
:
HMI INOR MePro (DoS);
HART OPC Server (DoS).
/ ( SSRF):
HART;
Plant Asset Management
(XXE, XSS, DoS).
:
AVR MSP , @ ZeroNights
2013


HART OPC Server DoS


PLC
I/O
Modbus

RS-485/Modbus
MSP
- .

DSecRG HART


INOR MePro 2.12.0 DoS


XXE ? !
Internet

XSD-
XXE
MES
XMLI

XML-

PAS
HART


XML Injection DTM FieldCare


XXE XSD injection


SSRF
SMB Relay
DoS
: RCE


:
;
;
.


ERP
/

MES

OPC

PLC2,3

PLC1

PLC7,8

HMI/SCADA

, I/O


.
.
.
//.
.



HMI-.
.
.
.
(, .).
( Internet, VPN .).



.
.
SoD.
.
.


(MES)
-

(SCADA, OPC, ...)

(PLC)


-?


-?
: SoD, patchmanagement, , , .
( !)
. :
.

.
IDS/IPS.
.
.

, .

SoD.

.

.
.


Digital Security : (495) 223-07-86


Digital Security -: (812) 703-15-47
http://www.dsec.ru
abolshev@dsec.ru