Time
1 hour 22 minutes
Difficulty
Beginner
CEU/CPE
1

Video Transcription

00:01
I see a scout of fundamentals. I see his technology Part two.
00:07
Now in this
00:08
module, we will be looking at the learning objectives for what I see US architecture A is some of the security considerations and looking at the old lost top 10 I CS applications
00:22
now OPC unified architecture.
00:26
Now this is very interesting protocol because it's for machine to machine, and it can utilise a lot of different programming languages. So C plus plus dot net Java, even some JavaScript, python rust and also power show. Most recently.
00:43
Now, the OPC architecture ER is as follows. You'll have advanced control operations and a historian feeding into the back plane for the OPC software that will then connect to an OPC server, which will then connect to drivers. And that's where things start actually moving
01:03
now for security considerations, it offers authentication, authorization, encryption data, integrity, data, signatures and AP Eyes. Now for the Web services that you use is something called Ws Secure Conversation,
01:19
which was something invented by IBM. And it's very similar to TLS encryption
01:25
and is also dot net and so compatible, and the binary uses algorithms of this step US secure conversation which is very similar again to TLS
01:36
for a p I usage in an I. C s environment. Do you situate actually prolific
01:42
and it helps automate the data processing. Also, it uses machine to machine language, but on I say with the big. But it comes with all the inherent risks of any other AP I So you have to think about repudiation, privacy, integrity and security.
02:00
Now using OPC unified architecture with AP eyes again, you can use many different programming languages to access it.
02:09
Now, if we look at the old WASP, a p I top 10 we again have to think about the fact that a P I zehren use and there are inherent risks so you can have broken object level authorization risks. Where can then expose a lot of the in points about all of the in points.
02:27
There's broken authentication, which means that it's implemented incorrectly
02:32
and you can grab authentication tokens to then compromise a system by grabbing them within the A P. I.
02:40
You could have excessive data exposure in a P I three in this means. Suddenly the things that you thought were private. Nope, it's now public to the attacker.
02:52
Lack of resource is and rate limiting. So there are some AP eyes where if there are great limits in place, suddenly can make 10,000 calls and break the system through resource exhaustion
03:04
than a P I risk number five broken function level authorization. So what happens if a user is able to elevate their privileges to an administrative function? And this is a bad thing
03:16
for, Ah, mass assignment? AP I number six. What we're looking at is being able to guess object properties and then go into those object properties and bypass authentication
03:29
security. Miss Configuration is probably the most common one that I see, and what this means is you think that something is secured. However, it is not set up correctly and so it can expose the permissions unnecessarily.
03:43
There's also risk of injection eso going back to sequel injection, no sequel and especially command injection. So if an attacker can use malicious data and Trickett the interpreter into executing a command, that its unintended bad things can happen
04:02
and also you can access data without proper authorization
04:06
improper asset management. Now this is similar to a P. I risk version one where it can expose a lot of data points, especially with a debugging in the environment and ap eyes on number 10 insufficient locking and monitoring.
04:25
So if the a p I is not written
04:28
where you could actually lock yamins,
04:31
then what happens is you don't know that you've actually been broken into, and right now, the average time to detect a breach is actually 200 days.
04:43
Now, this is an example of an exposed I. C. S got a system on the Internet. This bonus from Asia against security is typically an afterthought for these systems, and a lot of organizations, if not the vast majority of them, don't actually use open source intelligence gathering. Because of this, they don't know what assets they have exposed to the Internet,
05:02
so they're generally easy to find. But just be aware
05:06
that it requires about a medium skill level to actually manipulate these environments.

Up Next

ICS/SCADA Fundamentals

The ICS SCADA Fundamentals course is taught by world-renowned cybersecurity expert Chris Kubecka and will introduce students to basic critical infrastructure concepts.

Instructed By

Instructor Profile Image
Chris Kubecka
Founder and CEO of HypaSec
Instructor