Cyber operation and simulation platform

Post on 20-Mar-2017

TRANSCRIPT

SIMOC PLATFORM

Agenda

o About RustCon

o Introduction to CyberSecurity

o CyberSecurity - Concepts

o SIMOC as a platform to build and manage a cyber safety environment

o DEMO

About RustCon

• Founded in 2011, RustCon is a Brazilian consulting company

• Focus on Defense and Security Industry

• We are a Strategic Defense Company (or EED in Portuguese), certified by the Brazilian Ministry of Defense

INTRODUCTION TO CYBERSECURITY

What would happen if the electrical system of this city were shut down?

... And if all the air systems of that country stopped?

... and also if Social Security data were hacked?

What can we expect if we face situations like these?

CHAOS

ECONOMIC LOSSES

Delivery of a Safe Cyber Environment

CHALLENGES

It is a LONG process...

It requires COMPLEX tasks

The manual process is error-prone and non-repeatable

Safe Cyber Environment

ACTIVITIES

Requires multiple IT planning meetings

Define applications, middleware and budget

Coordination across teams

• Design Architecture

• Design Deployment and Configuration

• Setup Network

• Create VMs

• Create Applications

• Assemble Workflow

• Generate the traffic

• Test and qualify

• Manage the App lifecycle

Several weeks to complete

Value Proposition

Design, Provisioning, Execute

Provides agility to create a complete Software Defined Environment

Catalog of Scenarios which will support you to perform security tests.

CYBERSECURITY - CONCEPT

Cyber Security Concept

To PROTECT and to ENSURE the availability of the NETWORK SERVICES in charge of the management and control of the CRITICAL INFRASTRUCTURE of an ORGANIZATION

“Customized” cyber attack modes for a specific company.

Current Scenario

Increasing number of cyber incidents against government organizations

Increasing network interconnections. 50 billion devices with the Internet of Things by 2020.

Gap of 2.2 million security professionals by 2017

source: Websense Security Labs

Fast Growth in Number of Incidents

Main Threats

o Violation of National Security

o Sabotage

o DDoS

o Data theft

Targets

o Energy, Oil & Gas

o Telecommunications

o Banks

How to Act

Capability: It’s all about building knowledge into the team.

Prevent: Define safety processes in order to implement new cyber infrastructures.

Action: Monitor cyber infrastructures and put in place the plan for defence, to fix issues and to recover from disasters.

Unsafe environment

Safe Environment

Point-of-View

Prevent, Monitor, Quick Response

Regulation, Capability

Infrastructure

Decision Support System

Intelligence

THE SIMOC: Simulador de Operações Cibernéticas (Cyber Operations Simulator)

What is the SIMOC?

It is a platform that allows the creation of cyber environments, with a focus on security.

SIMOC

Capability

Assessment

Operations of Security Services

Capability

How to

• Scenarios already designed for cyber attack and defense

• Real-time monitoring and the possibility of interfering in the progress of the training (pause, fast forward, rewind)

• Possibility of recording the training for further evaluation of students.

Benefits

• Training expertise from an environment that reflects the specifications of your own network

• Knowledge leveling with significant reduction of OPEX and CAPEX

• Continuous capability development

Its goals are to form, train and update cyber analysts.

Assessment

Assessment of services and network elements

Vulnerability and Risk Analysis

How to

• Creation of a replica of the ICT infrastructure in a segregated environment

• Emulate links (ADSL / Satellite / Ethernet / Customized)

• Traffic generation

• Automated cyber attacks and defence

Benefits

• Support to Change Management

• Support to Capacity Management (Stress Test)

• Support to Quality Management (Regulation/certification)

• Agility

• OPEX / CAPEX reduction

Operations of Security Services

Creation of Secure Services to be used in a production environment

How to

• Utilization of pre-configured secure service packages (Templates)

• Integration with real and virtualized networks

Benefits

• OPEX / CAPEX optimization

• Services with a high level of security


Catalog of Scenarios

The SIMOC platform comes with a list of more than 50 ready-to-use scenarios, and additionally allows the operator to add new scenarios. A few examples of scenarios in the catalog:

o Overcome protections (networks with Snort, Firewall and Squid)

o Execute an SQL Injection attack

o Modify the content of a web page with an FTP server vulnerable to Buffer Overflow

o Obtain access to source code in execution on the web server and find flaws in the code

o Attack a client machine by sending a malicious link in an e-mail. The installed malware will send files with confidential information from the client via e-mail

o Attack a network with DHCP service, depleting the IP addresses of the official DHCP server to impersonate the server

o Overcome the access control, passing the connection through a DNS tunnel to gain access to blocked services

Scenario of a power plant invasion - network

Hamilton Oliveira

Business Developer Manager - CyberSecurity

hamilton.oliveira@rustcon.com.br

Office: +552135543181
